SSH Port Forwarding Not working
Posted: 2017/07/11 20:57:15
I'm trying to use PuTTY to port forward 443 to another system via remote port forwarding through a CentOS 6.9 box. I've done this a million times and it's worked without issue until now. I've disabled iptables for my test and communication is over VPN, so we are using internal addressing on both sides.
(Win2k12 - 192.168.88.191 -L port 8887) -----------> (CentosTest - 10.1.111.111 -R port 8887) ---------FWD-------->(Server01 - 10.1.111.217 port 443)
I'm connecting locally on the Win2k12 via browser to local port 8887, which I've configured PuTTY to forward to the destination server 10.1.111.217, which is on the same network.
When I look in my var log messages I get the below error message. I have an /etc/hosts entry to resolve the server to IP.
Jul 11 13:23:12 localhost sshd[10266]: error: connect_to Server01:443: unknown host (Name or service not known)
Jul 11 13:23:12 localhost sshd[10266]: error: connect_to Server01:443: unknown host (Name or service not known)
Jul 11 13:23:13 localhost sshd[10266]: error: connect_to Server01:443: unknown host (Name or service not known)
Jul 11 13:23:13 localhost sshd[10266]: error: connect_to Server01:443: unknown host (Name or service not known)
Lastly, when I do a "netstat -a | grep 8887" on the CentOS box I get nothing, but I do see that port 8887 is listening on the Win2k12 box.
Below is some information to help get this figured out.
[root@CentosTest ~]# rpm -qa | grep ssh
openssh-6.2p1-1.x86_64
libssh2-1.4.2-2.el6_7.1.x86_64
openssh-clients-6.2p1-1.x86_64
openssh-server-6.2p1-1.x86_64
[root@CentosTest ~]# ssh -V
OpenSSH_6.2p1, OpenSSL 1.0.0-fips 29 Mar 2010
--------------------------------
[root@CentosTest ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
---------------------------------
[root@CentosTest ~]# netstat -ar
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.1.111.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth0
default 10.1.111.1 0.0.0.0 UG 0 0 0 eth0
---------------------------------------
Any help would be appreciated. I did hit the Google machine before I decided to post but at this point I'm stuck.
Your help would be greatly appreciated.