Re-Route network calls to multiple domains through SSH tunnel in windows 10
up vote
1
down vote
favorite
I have the following situation: There are some hosts that are only accessible through an ssh tunnel. Lets say its
- https://example.com
- https://other.com
I can establish the SSH tunnel and bind the 443 ports needed for the connection to local ports:
ssh -L 1443:example.com:443 -L 2443:other.com:443 -A -l username myproxy.com
This works fine so far - when I call https://localhost:1443, I can open example.com, if I call https://localhost:2443, I can call other.com
The problem: There are some apps that are not aware of this and still try to connect via the regular hostname and port.
Adding the following lines to my hosts file, I can get a step closer to the final solution:
127.0.0.1 example.com
127.0.0.1 other.com
This enables me to call https://example.com:1443 and https://other.com:2443 in my browser - but the port is still a problem. I would need to map BOTH domains to my local port 443 to make it work for other applications.
I guess I will need to have a local proxy server listening on port 443 and forwarding traffic based on hostname to either 1443 or 2443 but this is where I'm lost.
What can I do to enable all apps on my machine to just use the hostname/port but let the traffic go over my SSH tunnel?
networking windows-10 ssh proxy tunnel
asked Dec 5 at 10:46
Christian Engel
151125
add a comment |
up vote
1
down vote
favorite
I have the following situation: There are some hosts that are only accessible through an ssh tunnel. Lets say its
- https://example.com
- https://other.com
I can establish the SSH tunnel and bind the 443 ports needed for the connection to local ports:
ssh -L 1443:example.com:443 -L 2443:other.com:443 -A -l username myproxy.com
This works fine so far - when I call https://localhost:1443, I can open example.com, if I call https://localhost:2443, I can call other.com
The problem: There are some apps that are not aware of this and still try to connect via the regular hostname and port.
Adding the following lines to my hosts file, I can get a step closer to the final solution:
127.0.0.1 example.com
127.0.0.1 other.com
This enables me to call https://example.com:1443 and https://other.com:2443 in my browser - but the port is still a problem. I would need to map BOTH domains to my local port 443 to make it work for other applications.
I guess I will need to have a local proxy server listening on port 443 and forwarding traffic based on hostname to either 1443 or 2443 but this is where I'm lost.
What can I do to enable all apps on my machine to just use the hostname/port but let the traffic go over my SSH tunnel?
networking windows-10 ssh proxy tunnel
asked Dec 5 at 10:46
Christian Engel
151125
SSH can create a TAP device, and you could route the ips through that.
– davidbaumann
Dec 5 at 10:49
Do you have a document at hand which describes how I can do that?
– Christian Engel
Dec 5 at 11:04
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I have the following situation: There are some hosts that are only accessible through an ssh tunnel. Lets say its
- https://example.com
- https://other.com
I can establish the SSH tunnel and bind the 443 ports needed for the connection to local ports:
ssh -L 1443:example.com:443 -L 2443:other.com:443 -A -l username myproxy.com
This works fine so far - when I call https://localhost:1443, I can open example.com, if I call https://localhost:2443, I can call other.com
The problem: There are some apps that are not aware of this and still try to connect via the regular hostname and port.
Adding the following lines to my hosts file, I can get a step closer to the final solution:
127.0.0.1 example.com
127.0.0.1 other.com
This enables me to call https://example.com:1443 and https://other.com:2443 in my browser - but the port is still a problem. I would need to map BOTH domains to my local port 443 to make it work for other applications.
I guess I will need to have a local proxy server listening on port 443 and forwarding traffic based on hostname to either 1443 or 2443 but this is where I'm lost.
What can I do to enable all apps on my machine to just use the hostname/port but let the traffic go over my SSH tunnel?
networking windows-10 ssh proxy tunnel
asked Dec 5 at 10:46
Christian Engel
151125
I have the following situation: There are some hosts that are only accessible through an ssh tunnel. Lets say its
- https://example.com
- https://other.com
I can establish the SSH tunnel and bind the 443 ports needed for the connection to local ports:
ssh -L 1443:example.com:443 -L 2443:other.com:443 -A -l username myproxy.com
This works fine so far - when I call https://localhost:1443, I can open example.com, if I call https://localhost:2443, I can call other.com
The problem: There are some apps that are not aware of this and still try to connect via the regular hostname and port.
Adding the following lines to my hosts file, I can get a step closer to the final solution:
127.0.0.1 example.com
127.0.0.1 other.com
This enables me to call https://example.com:1443 and https://other.com:2443 in my browser - but the port is still a problem. I would need to map BOTH domains to my local port 443 to make it work for other applications.
I guess I will need to have a local proxy server listening on port 443 and forwarding traffic based on hostname to either 1443 or 2443 but this is where I'm lost.
What can I do to enable all apps on my machine to just use the hostname/port but let the traffic go over my SSH tunnel?
networking windows-10 ssh proxy tunnel
networking windows-10 ssh proxy tunnel
asked Dec 5 at 10:46
Christian Engel
151125
asked Dec 5 at 10:46
Christian Engel
151125
asked Dec 5 at 10:46
Christian Engel
151125
asked Dec 5 at 10:46
Christian Engel
151125
asked Dec 5 at 10:46
Christian Engel
151125
151125
SSH can create a TAP device, and you could route the ips through that.
– davidbaumann
Dec 5 at 10:49
Do you have a document at hand which describes how I can do that?
– Christian Engel
Dec 5 at 11:04
add a comment |
SSH can create a TAP device, and you could route the ips through that.
– davidbaumann
Dec 5 at 10:49
Do you have a document at hand which describes how I can do that?
– Christian Engel
Dec 5 at 11:04
SSH can create a TAP device, and you could route the ips through that.
– davidbaumann
Dec 5 at 10:49
SSH can create a TAP device, and you could route the ips through that.
– davidbaumann
Dec 5 at 10:49
Do you have a document at hand which describes how I can do that?
– Christian Engel
Dec 5 at 11:04
Do you have a document at hand which describes how I can do that?
– Christian Engel
Dec 5 at 11:04
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
Use ssh -D. This will create a SOCKS 5 proxy server on the specified port (usually 1080 or 9050), which you can configure in the browser and access everything through the SSH tunnel.
This works identically with OpenSSH, PuTTY (plink), Bitvise Tunnelier; and does not depend on any operating system-level features.
For example, with ssh -D 9050 running, you can configure Firefox like this:
(Chrome might need a command-line option instead.)
answered Dec 5 at 12:00
grawity
231k35486544
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1380968%2fre-route-network-calls-to-multiple-domains-through-ssh-tunnel-in-windows-10%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
Use ssh -D. This will create a SOCKS 5 proxy server on the specified port (usually 1080 or 9050), which you can configure in the browser and access everything through the SSH tunnel.
This works identically with OpenSSH, PuTTY (plink), Bitvise Tunnelier; and does not depend on any operating system-level features.
For example, with ssh -D 9050 running, you can configure Firefox like this:
(Chrome might need a command-line option instead.)
answered Dec 5 at 12:00
grawity
231k35486544
add a comment |
up vote
0
down vote
Use ssh -D. This will create a SOCKS 5 proxy server on the specified port (usually 1080 or 9050), which you can configure in the browser and access everything through the SSH tunnel.
This works identically with OpenSSH, PuTTY (plink), Bitvise Tunnelier; and does not depend on any operating system-level features.
For example, with ssh -D 9050 running, you can configure Firefox like this:
(Chrome might need a command-line option instead.)
answered Dec 5 at 12:00
grawity
231k35486544
add a comment |
up vote
0
down vote
up vote
0
down vote
Use ssh -D. This will create a SOCKS 5 proxy server on the specified port (usually 1080 or 9050), which you can configure in the browser and access everything through the SSH tunnel.
This works identically with OpenSSH, PuTTY (plink), Bitvise Tunnelier; and does not depend on any operating system-level features.
For example, with ssh -D 9050 running, you can configure Firefox like this:
(Chrome might need a command-line option instead.)
answered Dec 5 at 12:00
grawity
231k35486544
Use ssh -D. This will create a SOCKS 5 proxy server on the specified port (usually 1080 or 9050), which you can configure in the browser and access everything through the SSH tunnel.
This works identically with OpenSSH, PuTTY (plink), Bitvise Tunnelier; and does not depend on any operating system-level features.
For example, with ssh -D 9050 running, you can configure Firefox like this:
(Chrome might need a command-line option instead.)
answered Dec 5 at 12:00
grawity
231k35486544
answered Dec 5 at 12:00
grawity
231k35486544
answered Dec 5 at 12:00
grawity
231k35486544
answered Dec 5 at 12:00
grawity
231k35486544
231k35486544
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1380968%2fre-route-network-calls-to-multiple-domains-through-ssh-tunnel-in-windows-10%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
SSH can create a TAP device, and you could route the ips through that.
– davidbaumann
Dec 5 at 10:49
Do you have a document at hand which describes how I can do that?
– Christian Engel
Dec 5 at 11:04