# Using SSH to Tunnel Through Firewalls

## woolsherpahat

I'm behind a firewall that blocks a significant amount of outgoing/incoming connections.  The ones that are of particular intrest to me are IRC (194,6667) and bittorrent (6881-6999, 6969).  Now I have ssh access to a router/firewall/NAT machine in another location that I control.  There is also a server behind that router that I have remote access to so my question is what's the best way to ssh tunnel these ports?  

Should I just port forward ssh connections from my router through to my server and just have it handle everything?  Or is there a way I can use IRC and bittorrent directly on my client machine?  

Anyway suggestions are very welcome.

----------

## plastikman187

i have never tried for Bit torrent but IRC works well so does VNC

Check out this link

http://people.hmdc.harvard.edu/~mathpre/vnc/putty/

Basically you are making the port avalable on your pc

so if you want to conenct to IRC.freenode.net you would make the SSH tunnel to that server then connect to localhost:6667 and since you are forwarded local host will go through putty and conenct to that server

Hope that helps

----------

## woolsherpahat

Alright I got IRC to work here's how I did it:

First I made my ssh tunnel on my client machine:

```
$ ssh -p 22 -2 -N -f -L 6667:irc.prison.net:6667 username@remote.server.net

username@remote.server.net's password:
```

and then you can see the connection on your client machine:

```
$ netstat -a |grep 6667

tcp4       0      0  localhost.6667         *.*                    LISTEN

tcp6       0      0  localhost.6667         *.*                    LISTEN
```

and here's what it looks like from the remote machine (remote.server.net) your tunneling through.

```
$ netstat -a 

tcp        0      0  remote.server.net.22 local.client.net.49830 ESTABLISHED

tcp        0      0  remote.server.net.10260 irc.prison.net.6667  ESTABLISHED
```

I'm using XChat as my IRC client so all I did was create a new network and for the servers I listed 'localhost 6667'.

and it works.   :Cool: 

It'll be a little harder with bittorrent since a more ports are going to have to be involved so anyways I'll think about that for a while and get back to everyone.

----------

## ryker

It seems like this is what I need to get Matlab working on my machine at home.  Matlab needs to get to the license server at work behind the firewall in order to start on my machine.  I have a Gentoo box with sshd running that I can get to.  Could I use this method to have matlab on my computer be able to retrieve a license through the ssh tunnel?  If so, how?

The license server accepts incoming license requests on port 1703 and returns on port 1704.

Thanks

----------

