Introduction

There are many solutions to forward ports on a local server to a remote server. One is to use SSH (OpenSSH) software that would easily found on every Linux server. This process could be done in many ways. We’re going to check each of them.

Note: Please don’t do the forwarding process on a valued server – As some VPS / VDS providers have restricted port forwards in their TOS (Terms of Service). If you are not an amateur and you know what you are doing you can skip this notation.

 

Solution

Pre-commands

By default, TCP forwards is allowed in SSH, but it’s better to double-check this option in SSH Configuration File:

  1. Edit / Review the file /etc/ssh/sshd_config:
    sudo nano /etc/ssh/sshd_config
  2. Check the status of parameters below:
    AllowTcpForwarding yes
    AllowStreamLocalForwarding yes
    PermitTunnel yes
    # For remote forwardings
    GatewayPorts no 
    

 

Local Forwarding

Forward a port on a local server to a port on a remote server:
ssh -fNL [localhost:]<local_server_port>:<remote_server_ipv4>:<remote_server_port> <local_server_ipv4>

Alternatively, if you want to allow public connection to go through this forward, simply use:

ssh -fNL <local_server_ipv4>:<local_server_port>:<remote_server_ipv4>:<remote_server_port> <local_server_ipv4>

Example: Forwarding port 11111 from server with IP address 1.1.1.1 to port 22222 on a server with IP address 2.2.2.2.

With local-only access:

ssh -fNL [localhost:]11111:2.2.2.2:22222 1.1.1.1

With local and public access:

ssh -fNL 1.1.1.1:11111:2.2.2.2:22222 1.1.1.1

 

Forward a port on a local server to another port on the server:
ssh -fNL [localhost:]<local_server_port_from>:localhost:<local_server_port_to> <local_server_ipv4>

Alternatively, if you want to allow public connection to go through this forward, simply use:

ssh -fNL <local_server_ipv4>:<local_server_port_from>:localhost:<local_server_port_to> <local_server_ipv4>

Example: Forwarding port 11111 to port 22222 on the local server with IP address 1.1.1.1.

With local-only access:

ssh -fNL [localhost:]11111:localhost:22222 1.1.1.1

With local and public access:

ssh -fNL 1.1.1.1:11111:localhost:22222 1.1.1.1

 

Remote Forwarding

Forward a port on a remote server to a port on another remote server:
ssh -fNR [localhost:]<remote_from_server_port>:<remote_to_server_ipv4>:<remote_to_server_port> <remote_from_server_ipv4>

Alternatively, if you want to allow public connection to go through this forward, simply use:

ssh -fNR <remote_from_server_ipv4>:<remote_from_server_port>:<remote_to_server_ipv4>:<remote_to_server_port> <remote_from_server_ipv4>

Example: Forwarding port 22222 on the remote server with IP address 2.2.2.2 to port 33333 on another remote server with IP address 3.3.3.3.

With local-only access:

ssh -fNR [localhost:]22222:3.3.3.3:33333 2.2.2.2

With local and public access:

ssh -fNR 2.2.2.2:22222:3.3.3.3:33333 2.2.2.2

 

Forward a port on a remote server to another port on the server:
ssh -fNR [localhost:]<remote_server_port_from>:localhost:<remote_server_port_to> <remote_server_ipv4>

Alternatively, if you want to allow public connection to go through this forward, simply use:

ssh -fNR <remote_server_ipv4>:<remote_server_port_from>:localhost:<remote_server_port_to> <remote_server_ipv4>

Example: Forwarding port 11111 to port 22222 on the remote server with IP address 2.2.2.2.

With local-only access:

ssh -fNR [localhost:]11111:localhost:22222 2.2.2.2

With local and public access:

ssh -fNR 2.2.2.2:11111:localhost:22222 2.2.2.2

 

More options

  • If you prefer using a different user and port rather than root and 22, you can append the commands below:
-l <ssh_user>
-p <ssh_port>
  • You can alternatively use domains instead of IP addresses.
  • You can specify more than one forwards in a single command line by appending them together.

 

Parameters description

  • -f forces the process run in the background, if not specified, the process will be quit by pressing ^X or ^C.
  • -N makes the command run not as a remote command.
  • -L specifies Local-forwarding.
  • -R specifies Remote-forwarding.
  • -l specifies the SSH user.
  • -p specifies the SSH port.
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments