Is it possible to initiate port redirection over ssh from MT to other hosts? Generally, I have ssh2 account on outer host and some servers in my private net behind MT.
I do that, kinda…
Login to outer MT box, then in outer box:
/system
ssh admin@xxx.xxx.xxx.xxx
Replace xxx.xxx.xxx.xxx with localnet ip of inner MT box. Ya esta!
port redirection, not only shell access, as if I run this command on linux box:
local1:~ $ ssh user@remote2 -R 12345:server3:80
then port 12345 on remote2 become redirected to server3:80, so
client4:~ $ telnet remote2 12345
…welcome to server3…
remote2 is ‘ssh box’, without any port redirection tools except sshd itself.
Others recommend a VPN. I use 2 ip addresses on the public interface instead. One I keep routed to the outside MT box (Mom). The other ip I route to the inner MT box (child) with /ip firewall nat. Do you have 2 ips on your outer interface to be able to route one? If not, you could lose control of your outer box (Mom). That is not good.
i vaguely remember that port redirection works… but why not just test it, it only takes a few seconds to setup right ?