1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

question on ssh tunnelling

Discussion in 'Tomato Firmware' started by test38, Dec 13, 2008.

  1. test38

    test38 Addicted to LI Member

    Hi,
    I have been able to do some ssh tunneling using tomato, for example:

    I can tunnel some outside port to port on my local machine in my home LAN.

    But now what I try to do is the following:

    tunnel some outside port to the router itself, so that every box on my home LAN can access those outside ports by accessing 192.168.1.1:port, where 192.168.1.1 is the router's internal address.

    Have spent a couple hours on this. Hope someone here have done this before.

    Thanks
     
  2. test38

    test38 Addicted to LI Member

    Just added what I have achieved so far:

    I currently can log onto the router, and see those tunnel ports open on router. But my machines on LAN can't see those ports open.
     
  3. fyellin

    fyellin LI Guru Member

    Have you tried adding "GatewayPorts yes" to your configuration?
     
  4. test38

    test38 Addicted to LI Member

    how to change it?
     
  5. test38

    test38 Addicted to LI Member

    anyone else has any idea?
     
  6. fyellin

    fyellin LI Guru Member

    Do you have a file ~/.ssh/configure ?

    You add the line to this file.
     
  7. nvtweak

    nvtweak LI Guru Member

    I enable this by starting dropbear (the SSH server) with the -a switch. Otherwise dropbear will only listen on local socket (127.0.0.1:port).
     
  8. test38

    test38 Addicted to LI Member

    Finally got it working!
    By enabling drop bear with -a switch, and specify the internal ip when creating the tunnel:
    autossh -M 29001 -f -R 192.168.1.1:3388:localhost:3388 -lroot -p 3388 -g -N <ip> &

    So the remaining question is, how to enable the -a switch automatically when the access point is rebooted?
     
  9. nvtweak

    nvtweak LI Guru Member

    start dropbear manually by script

    or recompile the firmware to allow option to enable/disable -a switch

    I did the latter.
     

Share This Page