With mobile development I often find myself out-of-the-office away from the development resources I need on a daily basis. I was recently out-of-the-office (OK, I was at home sitting on my couch but close enough) and I needed to access a Windows machine at the office via Remote Desktop. The only problem was it was behind a firewall in our companies internal 192.x.x.x network. Surprisingly, accessing it from home was quite simple.
I have a MacBook so I opened up the Terminal app and entered this:
ssh -l jsambells -L 3390:192.168.1.100:3389 example.dev.box cat -
Then all I had to do on my MacBook was enter
localhost:3390 into Microsoft’s Remote Desktop Connection app and login to the Remote Desktop.
This is what’s know as an SSH tunnel. Basically it creates a secure connection that forwards a port on one machine to another. My above command contains several components:
3390is the local port on my MacBook that I’ll be using to connect to the Remote Desktop in the office. This could be any port above 1024 and below 32768. Doesn’t matter.
192.168.1.100is the example IP address of the machine I want to access on the internal network. This IP must be accessible by the machine at
3389is the standard port number for Remote Desktop connections.
example.dev.boxis a publicly accessible machine that can also connect to the internal machine.
cat -is a command that won’t finish so the connection stays alive.
The trick here is that I needed a machine that could connect both the the internet at large and to the internal company network (which I happen to have at example.dev.box). The command uses an SSH tunnel to forward the traffic between
localhost:3390 and any connections to
192.168.1.100 on port
example.dev.box. Connecting locally at home to
localhost:3390 is the same as connecting to
You can use similar techniques to secure any traffic, such as your email or bypass firewall restrictions.