SSH Tunneling?

RomeoS · 19 Oct 2007 at 16:51

Been looking into SSH Tunneling for the most part of today and I have a few questions.

What I am trying to achieve is have port xxx,xxxx etc forwarded locally to port 23 which would then securely connect to a ssh server which would then translate those ports into the correct ones and establish the connection.

Digram below should illustrate it better:

Remote PC would forward any request from Local PC back via the secure tunnel.

My questions are:

1) Is it possible to set this up on a windows based PC? Local PC would be running Windows XP Professional SP2 64bit and Remote PC running Windows 2003 Enterprise Server

2) Would the delay in communicating via this method be noticeable? Pings to Remote PC from Local PC are roughly 11ms and pings from Remote PC to jolt.co.uk are 3-5ms

3) Would it be possible for the Remote PC to handle 5-10 clients connected via this method?

Details on Remote PC are as follows:

Windows 2003 Enterprise Server 64bit (fully patched)
8GB RAM
4TB RAID 5 Storage
2X 24Mbit Download with 2X 2.5Mbit Upload

NOTE: Found a piece of software called putty which seems to be able to establish ssh connections. Reading up on that now, any pointers would be helpful.

RomeoS · 19 Oct 2007 at 17:28

Vai said:
Look into OpenSSH on Cygwin with PuTTY

Just came across that. Cheers

Got any idea on performance when it comes to browsing / checking mail etc via a tunnel?

RomeoS · 19 Oct 2007 at 18:46

Main reason for the setup is to provide a secure way to communicate with the server for anyone using a laptop.

For example person A might decide to check his/her email for a local cafe's free wireless access point.

Anyone with a bit of know-how can "see" what is being transfered.
The problem being with everyone using laptops is that they are often using it from unsecured locations or access points where only the basic ports are available (80, 21, 443 etc).

Using this system, I am hoping to let them have secure access to the internet / check emails / remote desktop / secure video conferencing from any location etc.

EDIT: Updated OP with image

RomeoS · 21 Oct 2007 at 11:53

Thanks for all your replies.

Vai, I will definitely be looking to move the mail to secure ports. Thanks.

Beh, Sounds like exactly what I'm trying to achieve. Setting up a couple of VM's on the server to play around with. Did you follow a guide of some kind or just tried it and hoped it worked?

NathanE, Had a go with hamachi, the lights come on green but none of the machines can actually see each other online. Possibly due to port blocking?

VPN would be an ideal solution but because of the additional ports it uses, it would be hit n miss whether it would from one location to another.

RomeoS · 21 Oct 2007 at 12:09

NathanE said:
Hamachi uses UDP and a few tricks of the trade to punch a hole through almost any NAT firewall If it's not working then the network you're on is too heavily firewall I'm afraid - in which case SSH Tunneling is possibly the only alternative. Although you could punch a hole with a SSH Tunnel and then run Hamachi over it

Now that sounds like a fun way to spend a Sunday

VM's are almost up, setting up 2x Windows 2003 Servers, 5X XP SP2 clients and 2X Vista Business clients.