Port forwarding via SSH

You are here:
Estimated reading time: 1 min

It is possible to use SSH tunneling to access http resources over an SSH connection. This means that the firewall can block all incoming HTTP requests over WAN and accept only SSH requests. Once the SSH connection is established (it is believed to be secure as the public and private keys must match), it is possible to forward requests over the tunnel to get HTTP access.

For this to work, you need to have configured SSH access to your router first and enable the rule AcceptSSHWAN in Network > Firewall > Traffic rules:

Configuration on Linux/Mac

On Linux/Mac, the port forwarding can be triggered by executing following command:

ssh -L 8080:127.0.0.1:80 root@<public_ip_of_router>

Configuration on Windows

On Windows computers, you need to add the port forwarding settings in Connection > SSH > Tunnels.

Source port is 8080
Destination is 127.0.0.1:80 Local.
Click Add and then Open.

Test HTTP access over the SSH tunnel

Once this is configured, you will be able to go to your preferred browser and get access to your router by entering URL http://127.0.0.1:8080

This way, it is possible to reject HTTP requests and grant access to the web interface to authorized users only (i.e. the ones with an allowed SSH key).

Was this article helpful?
Dislike 0 1 of 1 found this article helpful.
Views: 155
Back to Top