* Home Help Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 19 April 2024, 07:09:06 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14247 Posts in 4376 Topics by 6491 Members
Latest Member: roy
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  HTTPS over SSH		 0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: HTTPS over SSH  (Read 11349 times)
vnbm
Jr. Member
*
Offline Offline

Posts: 1
« on: Saturday 28 January 2012, 03:38:27 pm »
Hi Everyone,

Sorry if this has been asked before, I tried searching but I was unable to find anything.


Anyway, I am using EFW 2.4.1 and basically what I am in need of is being about to tunnel HTTPS (in partcular the web management page (10443)) over SSH, as my work network only allows outbound SSH direct through the firewall.

I am able to connect to my endian, over SSH (port 22) from work now. However when creating a HTTPS tunnel, it never seems to resolve.

I am using PuttY to create the tunnel. Selecting port 5901 as local (work machine) port, and I have tried both localhost/IP and Internet IP for destination with 10443 as port. I have also tried every combination in FireFox proxy settings to allow it through.

I'm not sure if any firewall rules will need to be created on my Endian machine to allow the connection. Obviously SSH has been allowed, but nothing else at the moment. I am interested to know if anyone else has been able to get this working, and hopefully share some insight for me.
Logged
endianupdate
Full Member
***
Offline Offline

Posts: 53
« Reply #1 on: Monday 06 February 2012, 09:25:19 am »
Have you enabled 'Allow TCP forwarding' on the EFW ?

Also to set up the Putty client you should use the following;

Tunnel source port 10443 (I keep the source and destination port the same)
Destination 127.0.0.1:10443 (the localhost address and port on the EFW that the admin interface is running on)

then when you have successfully connected to the EFW through SSH, in your browser enter https://127.0.0.1:10443 there is no need to set proxy settings on your browser for this to work as any connection to your local machine on port 10443 will be forwarded to the remote server port 10443 through the SSH tunnel.

You should not need to create any firewall rules on the EFW to allow the connection, see my connection as shown in the Status > Connections screen

Source IP    Source port   Destination IP      Destination port   Protocol   Status           Expires
192.168..  53682          192.168...            22 (SSH)           tcp           ESTABLISHED   119:58:15
127.0.0.1    35787          127.0.0.1              10443                    tcp           ESTABLISHED   119:59:59

Hope this helps.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.031 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com