How to configure SSH client to bypass proxy or firewall

I assume you already install and run the OpenSSH in your DNS-323 using the fun plug. With that, your DNS-323 NAS is effectively can accept any incoming SSH session from any client computer (e.g. from your internet access in office, school, airport, etc).

Now it is time for you to configure your SSH client. What you need is first to install SSH/telnet client called PuTTY. Download it HERE. From the site you will see other applications as well e.g.Bitvise Tunnelier which is highly recommended over PuTTY since it provides more intuitive ways to configure. But here I will use PuTTY only. Once you know how to configure in PuTTY, it is much easier to configure in Tunnelier.

Also you can see the Bitvise WinSSHD which essential an OpenSSH server meant for Windows. But in this case you are using the DNS-323 which run on Linux with OpenSSH already run in the background.

All the steps listed here assume you already configure your router configuration to allow SSH access to the DNS-323 which now act as your light server.Make sure you set the SSH application port for external access to 443 in the router setting. It is because most firewall will allow 443 port which commonly used for SSL (secure access).  By allowing this 443 port, that the reason that you are still able to access internet banking sites from your office pc.

So, essentially, what we are doing is actually use this 443 port to make a secure tunnel from the client computer to our DNS-323 which act as the SSH server. From the server then only it will go to where ever we want on the internet without restrictions.

Using PuTTY

1. Download PuTTY
2. Run putty.exe (No installation needed, so it is portable means that you can carry it in your USB drive to use in e.g. public computer, etc.
3. Enter the hostname which could be your IP address or registered dynamic DNS service e.g. xxx.myhome.com which you might from www.dydns.com. For this to work you need to configure your home router as well. Remember to choose SSH session not telnet or anything else. Also make sure the port is 443.
4. Click to the Connection>Proxy. Choose what is the type of the proxy (usually http) and enter the proxy hostname (you can see the hostname from the Internet Explorer Internet Option under Connection setting for manual proxy setup. The port usually 80 fot http proxy.
5. Click to the SSH>tunnels. At the Source enter the port number, just use 8080 to  be safe. Click Add. Then click the radio button of dynamic and Auto.
6. Go back to the Session page. you might want to save the configuration by click ’save’ on the “load, save or delete stored sessions” by giving any name for your session.
7. Click open.
8. Few messages might pop-up for first time login, just click yes to accept the session. the messages actually want to verify weather you are familiar with the SSH, to check that the ssh session is really what you want to connect.
9. A terminal windows now will pop-up asking you to enter as what user. Could be root user or any other predefined user name.
10. Enter the password.
11. Now you are connected to the SSH server in your DNS-323 NAS.
12. The next step is to configure your browser setting.
13. For Internet Explorer, go to the Internet Option>Connections>LAN settings>Proxy server>Advanced
14. Delete all existing proxy setting including the ports.
15. At the Socks, enter “localhost” or “127.0.0.1″ and port number 8080 (or any number that you have defined earlier in the PuTTY tunnel setting.
16. Click “ok”

Now you are free from any restriction of your office’s firewall! Try to enter known restricted website e.g. youtube, myspace, etc.

Good Luck!

08/10/2008 - Posted by abuhawa | Networking, Windows XP troubleshootings | bypass firewall, ssh tunnel | 2 Comments