SSH Remote port forwarding with multiple ports
What you want is not to create a tunnel that listens on two remote machine ports, you want two tunnels that listen on the same remote port.
That is not possible. How is ssh supposed to know to which port an incoming connection should be forwarded?
There are solutions that can distinguish between protocols, but none of them are generic. It the port 80 you use is an indication of http traffic, you can set up a reverse proxy, but it would be much easier to just use two different ports for the two destinations.
Edit
From your comments, it seems you are just missing the -g
option to SSH to allow other hosts to connect to the tunnel.
Related videos on Youtube
Wrath13
Updated on September 18, 2022Comments
-
Wrath13 over 1 year
For those who worked with ssh port forwarding or for those who have an idea, I managed to create a remote tunnel from my PC to a remote machine(a camera that does not have a public address) through a ssh server ( has a public address ).
The goal is to forward the access of the camera to the public with ssh remote port forwarding,
The format of the command that I launched on my PC is:
ssh -R sshServer_port:destination_address:destination_port sshServer_address
Example:
ssh -R 3000:192.198.1.210:80 [email protected]
In the sshServer, I can access the remote machine through localhost:3000
and then, I set up a tcpproxy to make the access public with this command:
tcpproxy -lhost 0.0.0.0:8080 -rhost localhost:3000
With this,anyone from any network can access to the camera interface by typing 52.14.9.210:8080
What I want to do is create a tunnel that listens on two remote machine ports (80 for http and 8000 for the live streaming) with the format of the command:
ssh -R sshServer_port:destination_address:destination_port1 -R sshServer_port:destination_address:destination_port2 sshServer_address
Example:
ssh -R 3000:192.168.1.210:80 -R 3000:192.168.1.210:8000 [email protected]
I tried to run the command but I got this error: Warning: remote port forwarding failed for listen port 3000
Do you have an idea how to fix this.
-
Wrath13 over 5 yearsThanks for the answer, I already set up a reverse proxy (tcpproxy) that forward any request of the port 8080 to the localhost:80 of the ssh server. If I use two different remote ports for the two destinations, I cannot set up the reverse proxy. Do you know any other solution for that ? Could dynamic port forwarding solve the porblem ?
-
RalfFriedl over 5 yearsYou would have to provide more details.
-
Wrath13 over 5 yearsokay, So the destination machine (192.168.1.210) is a camera that I can access to its interface by writing its address in the browser, the camera needs the port 80(http) and the port 8000(streaming). The camera doesn't have a public address, so what I did is creating tunnel(ssh -R 3000:192.198.1.210:80 [email protected]) to the public through a ssh server that has a public address. when I set up a tcpproxy (tcpproxy -lhost 0.0.0.0:8080 -rhost localhost:3000), anyone could access to the camera through the address of the public server but it needs the port 8000 to the live streaming works.
-
RalfFriedl over 5 yearsAdd that to the question, it allows proper formatting and for others to see at once.
-
RalfFriedl over 5 yearsWhy don't you just forward port 80 to 80 and 8000 to 8000? Why port 3000 for both?
-
Wrath13 over 5 yearsif i forward 80 to 80 and 8000 to 8000, I cannot set up one tcpproxy. I don't know if it's possible to set up two rhosts to one lhost
-
RalfFriedl over 5 yearsPlease add an explanation to the question why tcpproxy is necessary.
-
Wrath13 over 5 yearsOkay, after creating the tunnel, accessing to the camera interface became also possible inside the ssh server through localhost:3000, but we need to make anyone who writes the ssh server address in his browser (52.14.9.210:3000) access to camera interface. tcpproxy can provide this action by forwarding any request from the outside to the localhost of the server with this command tcpproxy -lhost 0.0.0.0:8080 -rhost localhost:3000