I've got a server at work behind a firewall which hosts a number of different services (web, ssh, ftp, etc). Server has access to the internet but it's not accesible from the internet. So I'm trying to SSH from the server to my Mikrotik at home, and open a port remotely so I can access the internal/firewalled services through the SSH tunnel between the mikrotik at home and the server behind the firewall.
I'm perfectly able to establish the SSH connection by running this command on the internal server:
Code: Select all
ssh admin@<mikrotik_ip> -R 8080:localhost:80
So above command is trying to connect via ssh to the MK listening on port 22, remotely open port 8080 on the MK and listen locally on port 80, allowing me to access the server's web-server by connecting with a browser to <mikrotik_ip>:8080 from any other internet location. Of course <mikrotik_ip> is the public IP addres the MK got on its WAN (ether1).
This is nothing but a classic workaround for such an scenario, and it's known working using a linux server instead of a mikrotik router. I've tested it myself several times on several different Linux distributions, platforms and architectures.
The problem I'm experiencing with the MK as the SSH server is that the connection is established correctly, but when I get the CLI prompt showing the welcome banner, the following warning is shown:
Code: Select all
Warning: remote port forwarding failed for listen port 8080
I tried opening port 8080 on the MK's firewall and still not working.
I also enabled forwarding per the manual https://wiki.mikrotik.com/wiki/Manual:IP/SSH but it's still not working.
Code: Select all
/ip ssh
set forwarding-enabled=yes
Searched the forum and found tons of examples and other issues related to LOCAL (ssh -L) port forwarding but nothing for REMOTE (ssh -R). I did test the exact same command above, but with the "-L" like this:
Code: Select all
ssh admin@<mikrotik_ip> -L 8080:localhost:80
and it works perfectly. i.e: the other way, when I access <localhost>:8080 from the server I get the MK's web GUI.
-------------------------
Here is my platform:
Code: Select all
[admin@MikroTik] > system resource print
uptime: 1d12h55m51s
version: 6.35.4 (stable)
build-time: Jun/09/2016 13:12:02
free-memory: 85.2MiB
total-memory: 128.0MiB
cpu: MIPS 74Kc V4.12
cpu-count: 1
cpu-frequency: 600MHz
cpu-load: 4%
free-hdd-space: 99.0MiB
total-hdd-space: 128.0MiB
write-sect-since-reboot: 7859
write-sect-total: 1389949
bad-blocks: 0%
architecture-name: mipsbe
board-name: RB951Ui-2HnD
platform: MikroTik
Server from which I'm running the SSHs is an Ubuntu server 16.04 LTS.
Am I missing anything for REMOTE SSH port forwarding or is it just not supported?
Hope someone could help!
Thank you!
Nico