HTTP over SSH Tunneling

Here’s the instruction on how to access your internal router webpage (or any other internal-only web applications) without setting-up a full pledge VPN.

1. On the machine that you want to use a web browser to access the internal webpage (i.e. your router IP, NAS Management Page, etc.), install Putty, download and install Putty if you haven’t done yet.

2. Launch Putty. Load your home/office external IP under the Host Name, and port.

3. Configure the tunnel. Expand Connection > SSH > Tunnels. Click the “Dynamic” Radio button;

4. Enter a port into “Source port”, I use 9090. Click “Add”

5. You will now see “D9090” under forwarded ports

6. Now use SSH as normal to connect to your home/office external IP from a remote connection (save the setup to save having to set this config each time)

7. Now open your web browser and go to your network settings, I use Firefox.

8. Under SOCKS Host, type in the IP of 127.0.0.1 and the port of 9090 (or whatever you chose above).

9. You should now be able to access the internal resources’ Web Page.

Traffic in Firefox will now go via an encrypted SSH session to your home/office IP to the internal webpages you want to access remotely onwards to the internet.

*Assumptions:
1. You have an ssh server running on your internal network and ssh is open in the internet (I know, this is dangerous as well. we will cover how to protect this server on another blog post and if you haven’t done so – better not follow this yet)
2. SSH port is open (can be back ported to other port other than 22/tcp)