My Digital Story

Just to make live easier…

How to configure SSH client to bypass proxy or firewall

I assume you already install and run the OpenSSH in your DNS-323 using the fun plug. With that, your DNS-323 NAS is effectively can accept any incoming SSH session from any client computer (e.g. from your internet access in office, school, airport, etc).

Now it is time for you to configure your SSH client. What you need is first to install SSH/telnet client called PuTTY. Download it HERE. From the site you will see other applications as well e.g.Bitvise Tunnelier which is highly recommended over PuTTY since it provides more intuitive ways to configure. But here I will use PuTTY only. Once you know how to configure in PuTTY, it is much easier to configure in Tunnelier.

Also you can see the Bitvise WinSSHD which essential an OpenSSH server meant for Windows. But in this case you are using the DNS-323 which run on Linux with OpenSSH already run in the background.

All the steps listed here assume you already configure your router configuration to allow SSH access to the DNS-323 which now act as your light server.Make sure you set the SSH application port for external access to 443 in the router setting. It is because most firewall will allow 443 port which commonly used for SSL (secure access).  By allowing this 443 port, that the reason that you are still able to access internet banking sites from your office pc.

So, essentially, what we are doing is actually use this 443 port to make a secure tunnel from the client computer to our DNS-323 which act as the SSH server. From the server then only it will go to where ever we want on the internet without restrictions.

Using PuTTY

  1. Download PuTTY
  2. Run putty.exe (No installation needed, so it is portable means that you can carry it in your USB drive to use in e.g. public computer, etc.
  3. Enter the hostname which could be your IP address or registered dynamic DNS service e.g. xxx.myhome.com which you might from http://www.dydns.com. For this to work you need to configure your home router as well. Remember to choose SSH session not telnet or anything else. Also make sure the port is 443.
  4. Click to the Connection>Proxy. Choose what is the type of the proxy (usually http) and enter the proxy hostname (you can see the hostname from the Internet Explorer Internet Option under Connection setting for manual proxy setup. The port usually 80 fot http proxy.
  5. Click to the SSH>tunnels. At the Source enter the port number, just use 8080 to  be safe. Click Add. Then click the radio button of dynamic and Auto.
  6. Go back to the Session page. you might want to save the configuration by click ‘save’ on the “load, save or delete stored sessions” by giving any name for your session.
  7. Click open.
  8. Few messages might pop-up for first time login, just click yes to accept the session. the messages actually want to verify weather you are familiar with the SSH, to check that the ssh session is really what you want to connect.
  9. A terminal windows now will pop-up asking you to enter as what user. Could be root user or any other predefined user name.
  10. Enter the password.
  11. Now you are connected to the SSH server in your DNS-323 NAS.
  12. The next step is to configure your browser setting.
  13. For Internet Explorer, go to the Internet Option>Connections>LAN settings>Proxy server>Advanced
  14. Delete all existing proxy setting including the ports.
  15. At the Socks, enter “localhost” or “127.0.0.1” and port number 8080 (or any number that you have defined earlier in the PuTTY tunnel setting.
  16. Click “ok”

Now you are free from any restriction of your office’s firewall! Try to enter known restricted website e.g. youtube, myspace, etc.

Good Luck!

08/10/2008 - Posted by | Networking, Windows XP troubleshootings | ,

7 Comments »

  1. Will proxy sites help me if my ISP allows only google.com products(gmail,googlearth etc.) when I have not paid. If you try to open any other site you will be redirected to the ISP payment page. You cannot even open those proxy sites.
    What can work for me to open those sites.

    Comment by kim | 22/11/2008

  2. Pls i need you to explain how to create the tunnel using OpenSSH and Putty cause i already install the opensshd and have been running on the computer. I tried the configuring my putty but i can’t type in the password on the cmd..

    Comment by KOLA | 20/04/2009

  3. “My Full Time jobs : Fight for the cause of Islam (not Islam Hadhari).” I admire your dedication. If it was only dedicated to the real thing you could actually make a difference in this world. And man does the world need it. I’m just wandering if you know that the KORAN (the book of muslims) says that you must kill anyone who does not want to convert to a muslim. And well if your willing to that, then why would you want to be a muslim? There’s only one God and He loves you and wants you back. His Son died just for you so that you won’t have to face His wrath, and you are forgiven for ALL your sins. At least give him a chance and if you can’t feel anything then continue on your muslim journey . It’s real simple just say this: Dear Jesus, I repent of my sins, come into my hart, I make you my lord an savior, Amen. Best of everything to you and you family. Thenk you for the info you posted here.

    Comment by You are needed | 10/06/2009

  4. salam bro..
    nak tanya pasal putty ni…
    kalau dah run benda tu ,dia nak username nga password..
    nak ambik kat mane username n password tu ..sy dah try tp x dpt la..blh bantu x…

    Comment by ali | 27/10/2009

  5. @You are needed
    The post starts really interesting and then talks about other religion. For your information, dear poster, read Deuteronomy 13 (http://www.skepticsannotatedbible.com/dt/13.html). You should kill your own son/wife/husband/parents if they don’t believe in God. Religions are a kind of mental infection that someone gets when very young, normally from their parents, that got it when they where children also and so on. There is no reason to believe a snake talked to Eva, biblical floods, commandments etc. These (the bible and koran) are texts written by a rudimentary humanity. One that hasn’t our current knowledge of the world. Do you really believe in such fairy tales? I bet you love your family, that’s what is really sacred, and confounds your sentiment of love for your family with the fairy tales propagated exclusively by tradition and will of control.
    R.

    Comment by Rodrigo | 10/07/2010

  6. Replace port 443 with 22 (session)
    Add port 1082 (tunnel)

    Comment by Moutasim Waheed | 18/03/2011

  7. Excellent Rodrigo!!!
    I really don’t have anything too add, your post is very clever and clear.

    Regards,
    Gustavo.

    Comment by Gustavo | 31/08/2011


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: