What's new

SSH, Putty, Tunnel, Socks and Prxy

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

pe78420

New Around Here
SSH, Putty, Tunnel, Socks and Proxy

Hi,

First, I'm new user of the Asus RTAC66U router since last saturday and my previous equipment was a Linksys WRT54GS flashed with DD-WRT firmware.

With my previous router, and in order to access my home network from remote locations, I used a browser configured for socks proxy via putty and SSH tunneling.

Now, I try to use the same configuration with my new router without succes.

Various forums that I've read shows that this configuration does not seem to work yet... Is this true and when this configuration will be available?

Many thanks in advance and best regards.

PE78420
 
Last edited:
You need to enable SSH on Administration-System and set "Allow SSH Port Forwarding" to yes.
 
mike7,

Of course, but even with SSH enabled and "Allow SSH Port Forwarding" setted to YES, the SSH tunneling doesn't work at all... while it works fine with my old router.

What's wrong ???

pe78420
 
First, you need to check ssh, try login to the router from putty.
Second, look to putty's and router's logs for errors.
 
mike7,

You're right, there is an error message in putty's logs :
"Local port 8080 SOCKS dynamic forwarding failed: Network error: Permission denied"

Nothing in router's logs...

Any ideas ? nothing found with google :-(

pe78420
 
Check dropbear switches with ps, ps|grep dropbear. It should be run without -j switch.
If you found -j switch, check "Allow SSH Port Forwarding" & restart dropbear.
 
You're right, there is an error message in putty's logs :
"Local port 8080 SOCKS dynamic forwarding failed: Network error: Permission denied"

My interpretation is that there is another program using port 8080. You can not have two instances of putty using the same port.
 
Nerre, mike7, Ferisko,

My apologies... I've forgotten that the Apache Server on my laptop was running using port 8080 !
After changing the port, the "SOCKS dynamic forwarding" is ok but now I've got several others errors during the putty session... for example : "Opening forwarded connection to xxx:80" and "Forwarded port closed".
Does that means I've to open all ports on my router for this feature to work???

pe78420
 
No, that shouldn't be necessary.

I'm not tunneling through my Asus router so I can't help much more (I've forwarded port 22 to a server on my LAN instead). But from what I understand others are doing it without any problems.
 
Hi pe78420,

it seems OK. Logging into smallnetbuilder forums over a socks proxy (dynamic ssh port forward) generates the following in putty log for me (there is some other web site as well):
Code:
2013-03-06 09:40:19	Opening forwarded connection to forums.smallnetbuilder.com:80
2013-03-06 09:40:20	Opening forwarded connection to forums.smallnetbuilder.com:80
2013-03-06 09:40:20	Opening forwarded connection to forums.smallnetbuilder.com:80
2013-03-06 09:40:20	Opening forwarded connection to forums.smallnetbuilder.com:80
2013-03-06 09:40:20	Opening forwarded connection to forums.smallnetbuilder.com:80
2013-03-06 09:40:20	Opening forwarded connection to forums.smallnetbuilder.com:80
2013-03-06 09:40:26	Opening forwarded connection to ekonomika.sme.sk:80
2013-03-06 09:40:26	Opening forwarded connection to [url]www.google-analytics.com:80[/url]
2013-03-06 09:40:32	Forwarded port closed
2013-03-06 09:40:33	Forwarded port closed
2013-03-06 09:40:33	Forwarded port closed
2013-03-06 09:40:33	Forwarded port closed
2013-03-06 09:40:33	Forwarded port closed
2013-03-06 09:40:33	Forwarded port closed
2013-03-06 09:40:33	Forwarded port closed

If you are opening the tunnel to your home router from outside your home network (e.g. from work) there is another way to verify. Just navigate your browser to a site like http://www.whatismyip.com/ and see if the IP it reports belongs to your home router rather than your e.g. work network.

Also, if privacy is your concern (which often is when using socks proxy over ssh) and you use firefox you should set network.websocket.enabled to false and network.proxy.socks_remote_dns to true in about:config to prevent "dns leaks".
 
Last edited:
Hi every body,

Now it works!
Why? I don't know :-(
Perhaps a "finger check" using putty?

Thanks a lot for your replies...

Best regards,
pe78420
 
Last edited:

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top