SSH reverse tunnel samba, not working?

harisund

This is my scenario-
Laptop, Windows 7, has a share called "SHARE" pointing to "C:\Users\hsundara". In a coffee shop.

pfsense at home. WAN address "hsundara.com". LAN address 192.168.11.1. ubuntu-box behind pfsense, with a LAN address 192.168.11.200

Running the following from Cygwin on laptop
ssh -R 0.0.0.0:445:192.168.11.1:445 hsundara.com

Running the following on ubuntu-box in the home network
mount.cifs //192.168.11.1/SHARE /home/hsundara/laptop-mount -o user=hsundara,nounix,noperm,nocase,rw,uid=500,gid=500

And I get the error
mount error(115): Operation now in progress

From what I understand, this has to do with name resolution rather than share problem.

The thing is, the same set of commands work for a machine we have at work. At work, a SLES box acts as a router, and there's a Ubuntu box behind the SLES box. I reverse tunnel my laptop's SAMBA port onto the SLES router, and connect to it from the ubuntu box and everything works. At home, it doesn't.

When I connect to pfsense with a "-vvv" option, I do see the following -
debug1: Remote connections from 0.0.0.0:445 forwarded to local address 192.168.11.1:445
debug1: remote forward success for: listen 0.0.0.0:445, connect 192.168.11.1:445
debug1: All remote forwarding requests processed

I even created a firewall rule on LAN
Source - LAN net
Port - *
Destination - LAN address
Port - 445
Gateway - *
Queue - none

Any idea why this is happening? Conceptually, everything seems straightforward.

EDIT –-
Ok, I ran a sockstat -4 -l command on pfsense, and I see this ->
root    sshd      77377 8  tcp4  127.0.0.1:445        :

This is definitely the issue. Why is it not listening on *:445 and only on 127.0.0.1:445 ???  How do I make it listen on *:445?

EDIT 2 –-
Ok, I created a new "PORT FORWARD" with the following settings -
IF = LAN
Proto = TCP
Src. addr = LAN net
Src. Ports = *
Dest. addr = LAN address
Dest. ports = 445
NAT IP = 127.0.0.1
NAT ports = 445

Pretty interesting. I am doing a port forward in the non-conventional sense, from the "inside", so to speak.

ReFleX

Wow, thanks for this post dude i was figuring this out to. I want to use rdp with a reverse tunnel from the company network. I was close to the sollution but the portforward part was missing! Iam gonna test this!

harisund

@ReFleX:

Wow, thanks for this post dude i was figuring this out to. I want to use rdp with a reverse tunnel from the company network. I was close to the sollution but the portforward part was missing! Iam gonna test this!

Let me know if you have any questions. I am not sure if I am understanding you right, but I don't think what I did here is going to be of help to you, but if it is, great !