Port Forwarding Explained

Port forwarding allows remote computers (for example, computers on the Internet) to connect to a specific computer or service within a private local-area network (LAN).

SSH (Secure Shell) is a network protocol used to securely connect to a remote computer. It is commonly used to remotely access and manage servers, as well as to securely transfer files between systems.

One of the useful features of SSH is the ability to create secure tunnels, also known as port forwarding, which allows traffic to be securely transmitted between two systems through an encrypted connection. This can be useful for a variety of purposes, such as bypassing firewalls, securely accessing remote networks, and creating virtual private networks (VPNs).

In this article, we will explain the concepts of SSH port forwarding and tunnelling in detail, including how they work and how they can be used.


What is Port Forwarding?

Port forwarding is a networking technique that allows traffic to be forwarded from one network to another, typically through a router or firewall. It works by routing incoming traffic to a specific port on a destination host or network.

For example, consider a scenario where you have a server running on a remote network and you want to access it from your local network. If the server is behind a firewall, you may not be able to directly connect to it. In this case, you can use port forwarding to route traffic from your local network to the server’s network, allowing you to access the server as if it were on your local network.

In order to set up port forwarding, you will need to configure the router or firewall to forward traffic from a specific port on the local network to the appropriate port on the remote network. For example, you might configure the router to forward incoming traffic on port 80 (HTTP) to the server’s port 80, allowing you to access the server’s web server from your local network.


What is SSH Tunnelling?

SSH tunnelling, also known as SSH port forwarding, is a technique that allows traffic to be securely transmitted between two systems through an encrypted connection. It works by creating a secure tunnel between two systems, allowing traffic to be transmitted over the tunnel as if it were a direct connection.

SSH tunnelling is often used to bypass firewalls and securely access remote networks. It can also be used to create virtual private networks (VPNs), allowing users to securely access a remote network as if they were directly connected to it.

To set up SSH tunnelling, you will need to have an SSH client installed on your local system and an SSH server running on the remote system. You will also need to have the appropriate SSH credentials (such as a username and password) to access the remote system.

There are two main types of SSH tunnelling: local forwarding and remote forwarding.

Local Forwarding

Local forwarding is used to forward traffic from a local port to a remote destination. It is typically used to access resources on a remote network as if they were on the local network.

For example, consider a scenario where you have a server running on a remote network and you want to access it from your local network. If the server is behind a firewall, you may not be able to directly connect to it. In this case, you can use local forwarding to create a secure tunnel between your local system and the server, allowing you to access the server as if it were on your local network.

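To set up local forwarding, use the ssh command with the -L flag, followed by the local port, the destination host and port, and then the remote host (the SSH server you log in to). For example, the following command listens on local port 8080 and forwards connections through remote_host to port 80 on localhost, where localhost is resolved by remote_host: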

ssh -L 8080:localhost:80 user@remote_host
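
The forwarding spec from the command above, taken apart in an added example that is not part of the original article. The `explain_forward` helper is hypothetical, and it goes slightly beyond the article's command by also handling the optional bind address that `-L` accepts, which decides whether other machines can reach the local listener.

```shell
#!/bin/sh
# Added example, not from the original article: read an `ssh -L` spec of the
# form [bind_address:]port:host:hostport and report who can reach the listener.
# Assumptions: hostnames/IPv4 and numeric ports only (no bracketed IPv6).

# explain_forward SPEC
#   prints  listen=<addr>:<port> dest=<host>:<port> exposure=<scope>
#   returns 0 = loopback-only, 1 = not loopback-only, 2 = malformed spec
explain_forward() {
    fw_spec=$1
    case "$fw_spec" in
        *:*:*) ;;    # at least port:host:hostport
        *) echo "malformed spec: $fw_spec" >&2; return 2 ;;
    esac
    fw_dport=${fw_spec##*:}; fw_rest=${fw_spec%:*}   # destination port
    fw_dhost=${fw_rest##*:}; fw_rest=${fw_rest%:*}   # destination host
    fw_lport=${fw_rest##*:}                          # local listening port
    for fw_p in "$fw_lport" "$fw_dport"; do
        case "$fw_p" in
            ''|*[!0-9]*) echo "bad port in: $fw_spec" >&2; return 2 ;;
        esac
    done
    [ -n "$fw_dhost" ] || { echo "missing host in: $fw_spec" >&2; return 2; }
    case "$fw_rest" in
        *:*) fw_bind=${fw_rest%:*} ;;   # explicit bind address, may be empty
        *)   fw_bind=localhost ;;       # ssh default while GatewayPorts is "no"
    esac
    case "$fw_bind" in
        localhost|127.0.0.1) fw_scope=loopback-only ;;
        ''|'*'|0.0.0.0)      fw_scope=all-interfaces ;;
        *)                   fw_scope=single-address ;;
    esac
    # The destination host is resolved by the SSH server, so "localhost" in
    # the dest field means remote_host itself, not the client machine.
    echo "listen=${fw_bind:-*}:$fw_lport dest=$fw_dhost:$fw_dport exposure=$fw_scope"
    [ "$fw_scope" = loopback-only ]
}

# Constructed sample specs; the first is the one from the article's command.
for fw_s in 8080:localhost:80 127.0.0.1:8080:localhost:80 '*:8080:localhost:80'; do
    explain_forward "$fw_s" || echo "  -> listener is not loopback-only: $fw_s"
done
```

Writing the bind address explicitly, as in `ssh -N -L 127.0.0.1:8080:localhost:80 user@remote_host`, keeps the listener on loopback regardless of the client's GatewayPorts setting; `-N` opens the tunnel without running a remote command.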
