Tunnelling UDP Traffic Through An SSH Connection: Difference between revisions

From MediaWiki
Jump to navigationJump to search
Line 6: Line 6:
== Tunnel A TCP Forward Port Through SSH ==
== Tunnel A TCP Forward Port Through SSH ==
First we need to tunnel a '''''non-used''''' '''TCP''' port from the ''local'' '''NST''' probe to the ''remote'' '''NST''' probe which shares the same '''LAN''' as the destination '''x4200''' server.
First we need to tunnel a '''''non-used''''' '''TCP''' port from the ''local'' '''NST''' probe to the ''remote'' '''NST''' probe which shares the same '''LAN''' as the destination '''x4200''' server.
<div class="screen">
  <div class="screenTitle">Establish SSH Connection With TCP Port Forwarding</div>
  <div class="userInput"><span class="prompt">[root@probe tmp]# </span>ssh -p 20022 -L 9999:localhost:9999 root@55.44.22.178</div>
  <pre class="computerOutput">
root@55.44.22.178's password:
Last login: Thu Mar 22 11:18:59 2007 from cpe-72-222-76-188.nycaper.res.rdr.com
===============================================
= Linux Network Security Toolkit (NST v1.5.0) =
===============================================
</pre><div class="userInput"><span class="prompt">[root@probe-biostar ~]# </span></div>
</div>

Revision as of 11:09, 22 March 2007

Overview

This section describes how to use NST to tunnel a UDP traffic conversation through a SSH connection. For our example we will tunnel IPMItool traffic (UDP Port: 623) through an SSH connection to a Sun Fire X4200 server. Three systems are involved, 2 NST probes and the x4200 server. Reference information was taken from: "Performing UDP tunneling through an SSH connection".

Step By Step:

Tunnel A TCP Forward Port Through SSH

First we need to tunnel a non-used TCP port from the local NST probe to the remote NST probe which shares the same LAN as the destination x4200 server.

Establish SSH Connection With TCP Port Forwarding
[root@probe tmp]# ssh -p 20022 -L 9999:localhost:9999 root@55.44.22.178
root@55.44.22.178's password:
Last login: Thu Mar 22 11:18:59 2007 from cpe-72-222-76-188.nycaper.res.rdr.com

===============================================
= Linux Network Security Toolkit (NST v1.5.0) =
===============================================

[root@probe-biostar ~]#