4. SSH reverse tunnel samba, not working?

SSH reverse tunnel samba, not working?

  • H

    This is my scenario-
    Laptop, Windows 7, has a share called "SHARE" pointing to "C:\Users\hsundara". In a coffee shop.

    pfsense at home. WAN address "hsundara.com". LAN address 192.168.11.1. ubuntu-box behind pfsense, with a LAN address 192.168.11.200

    Running the following from Cygwin on laptop
    ssh -R 0.0.0.0:445:192.168.11.1:445 hsundara.com

    Running the following on ubuntu-box in the home network
    mount.cifs //192.168.11.1/SHARE /home/hsundara/laptop-mount -o user=hsundara,nounix,noperm,nocase,rw,uid=500,gid=500

    And I get the error
    mount error(115): Operation now in progress

    From what I understand, this has to do with name resolution rather than share problem.

    The thing is, the same set of commands work for a machine we have at work. At work, a SLES box acts as a router, and there's a Ubuntu box behind the SLES box. I reverse tunnel my laptop's SAMBA port onto the SLES router, and connect to it from the ubuntu box and everything works. At home, it doesn't.

    When I connect to pfsense with a "-vvv" option, I do see the following -
    debug1: Remote connections from 0.0.0.0:445 forwarded to local address 192.168.11.1:445
    debug1: remote forward success for: listen 0.0.0.0:445, connect 192.168.11.1:445
    debug1: All remote forwarding requests processed

    I even created a firewall rule on LAN
    Source - LAN net
    Port - *
    Destination - LAN address
    Port - 445
    Gateway - *
    Queue - none

    Any idea why this is happening? Conceptually, everything seems straightforward.

    EDIT –-
    Ok, I ran a sockstat -4 -l command on pfsense, and I see this ->
    root    sshd      77377 8  tcp4  127.0.0.1:445        :

    This is definitely the issue. Why is it not listening on *:445 and only on 127.0.0.1:445 ???  How do I make it listen on *:445?

    EDIT 2 –-
    Ok, I created a new "PORT FORWARD" with the following settings -
    IF = LAN
    Proto = TCP
    Src. addr = LAN net
    Src. Ports = *
    Dest. addr = LAN address
    Dest. ports = 445
    NAT IP = 127.0.0.1
    NAT ports = 445

    Pretty interesting. I am doing a port forward in the non-conventional sense, from the "inside", so to speak.

    0
  • R

    Wow, thanks for this post dude i was figuring this out to. I want to use rdp with a reverse tunnel from the company network. I was close to the sollution but the portforward part was missing! Iam gonna test this!

    0
  • H

    @ReFleX:

    Wow, thanks for this post dude i was figuring this out to. I want to use rdp with a reverse tunnel from the company network. I was close to the sollution but the portforward part was missing! Iam gonna test this!

    Let me know if you have any questions. I am not sure if I am understanding you right, but I don't think what I did here is going to be of help to you, but if it is, great !

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy