BhuvanChand Maddi

Port Forwarding/Tunneling

bhuvanchand maddi's photo
bhuvanchand maddi
·

2 min read

Table of contents

Reverse proxy & ssl termination using nginx(In ubuntu)

Set up a reverse proxy with NGINX and trusted HTTPS certificates from letsencrypt(renew certificates using certbot). We will install it directly on a Linux server and expose a sample hello world flask web application.

GitHub code and docs

Port-forwarding to access sample webapp running on a node in the internal network over the internet.

github

Local port-forwarding/ ssh tunneling

references: article , video

use-cases:

If we want to access a web-app running on your internal home network from outside(over internet) or completely from another network.

192.168.1.2 and 192.168.1.3 can be the same machines above i.e internal resource can be in public ssh server

Example: 10.0.0.4 machine is in a completely different network. Let`s say web application is running in the same public ssh-server.

# we are creating tunnel using which all the requests
# comming to ssh-server over port 8080 will be redirected 
# 10.0.0.4 machine over port 8888
ssh -L 8888:192.168.1.2:8080 root@44.11.22.33

So in the 10.0.0.4 machine, we can access the application using localhost:8888.

Note: If we publish-ssh server is located in another internal network(i.e. if it doesn`t have any public IP) then we can port-forward requests by adding port-forward rules in the router. 2 ports 8080 and 22.

Remote port-forwarding:

It is vice-versa of local-port forwarding.

make sure GatewayPorts is set to yes in the remote SSH server configuration.

services like ngrok, local tunnel uses this.

In short, If you want to access an application which is hosted on the internet from your local internal network use local port forwarding. If you were outside of the network(internet) and want to access resources in the internal network then you will use remote port forwarding.

Both of these techniques help to access web apps running in one network to access from completely different networks.

Ngrok tunnel service to access localhost application over the internet

1. Unzip to install

On Linux or Mac OS X you can unzip ngrok from a terminal with the following command. On Windows, just double click ngrok.zip to extract it.

unzip /path/to/ngrok.zip

2. Connect your account

Running this command will add your authtoken to the default ngrok.yml configuration file. This will grant you access to more features and longer session times. Running tunnels will be listed on the endpoints page of the dashboard.

ngrok config add-authtoken 2Sc1QIAMu6li0orVFU6k7t88lc9_74hVZtUi2BBfnqGUDaTCq

3. Fire it up

Read the documentation on how to use ngrok. Try it out by running it from the command line:

ngrok help

To start a HTTP tunnel forwarding to your local port 80, run this next:

ngrok http 80

networkingtunnelingport-forwarding