#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    0

    Port forwarding to apache server


    Hello,
    I'd like to view an admin page for an application running on an Apache server, but my only access to the server is through SSH, and I need to use a regular graphical browser to view the admin page for it to work. I'm trying to use port forwarding from my laptop, and after some research, I found this command in SSH

    ssh -L 8080:<remote_server_IP>:80 <my_laptop_name>

    which as I understand it should connect port 80 on my laptop to port 8080 on the Apache (where I access the admin page) so that I can use my desktop browser.

    However, when I try that, I get an error saying my laptop name couldn't be resolved. I've got my laptop behind a Netgear router, and I suspect that might have something to do with this command not working, but I'm not sure what the next step is, or if that's even the issue. Can anyone point me in the right direction to go further?
    Thanks
  2. #2
  3. Lord of the Dance
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Oct 2003
    Posts
    3,614
    Rep Power
    1945
    The server is most likely behind firewall and a router.
    You will have to open the port on the network on which the server is connected to.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    0
    Ah, so I've got to change the settings on the router for the server to give access to port 8080?
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2008
    Posts
    186
    Rep Power
    7
    Originally Posted by retrocoder
    Ah, so I've got to change the settings on the router for the server to give access to port 8080?
    Both. For remote access the port will need to be forwarded in the router to allow access to port 8080. This is not required for a connection over a LAN

    So, forward port 8080 in your router and make sure you have the exception added to allow incoming traffic to port 8080 in your servers firewall.
  8. #5
  9. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,430
    Rep Power
    4539
    The only open port needed on the server end is the ssh port (usually 22). You don't need to open any other router/firewall ports at the server, and you don't need to open any ports on your workstation.

    You can use any arbitrary port from your workstation, like:

    ssh -L 12345:<apache server ip>:80

    Then on your remote workstation, open your web browser to http://localhost:12345

    You may find problems with some web pages that have absolute links, such links won't understand the port part of the url.
    Last edited by Doug G; August 11th, 2013 at 12:13 AM.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  10. #6
  11. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    0
    I ran the command without the computer name at the end, and it ran without error, but when I tried to navigate to localhost:<port number>, my browser couldn't make a connection still. I was talking to someone else, and he mentioned that it could be that my ISP is blocking port 70 on my computer, since I don't have a dedicated IP address. Before I upgrade my plan to see if that solves the issue, I wanted to double check here and see if that sounds correct.
  12. #7
  13. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,430
    Rep Power
    4539
    It doesn't matter if your ISP blocks port 80 because you never send anything on port 80 through your firewall. When you port tunnel over an ssh connection, only the ssh port traffic needs to get though the firewall.

    Exactly what command did you run without any error and without any server name at the end ??
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  14. #8
  15. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    0
    Hi Doug,
    I ran this command

    ssh -L 8080:<apache server ip>:80

    (but with the server IP filled in), and then tried to navigate to

    http://localhost:8080 with my desktop browser.

    Brian
  16. #9
  17. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,430
    Rep Power
    4539
    Can you ssh to the web server computer and log in to a shell without any port tunneling? Your ssh connection needs to be established for tunneling ports. Normally you'd use a ssh client program like putty for windows, or the linux built-in ssh client, to make your connection.

    Initially I'd try to make the connection using the remote server IP not it's name or url, something like:
    ssh <user>@<server_ip>
    If this works, then your port forwarding should work as long as the web server is running a ssh server, and isn't blocked somehow from responding to http requests from it's localhost IP.

    Make sure you can connect without port forwarding before trying to tunnel the http port is my recommendation.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  18. #10
  19. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    0
    Right, I'm using Putty to connect to the server from my laptop, without port tunneling, and then I enter the command above.
  20. #11
  21. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,430
    Rep Power
    4539
    Just set up the tunneling in Putty itself is easiest. I don't even know how you add a port tunnel in putty on windows after the connection is already made, other than using the putty GUI.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  22. #12
  23. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    0
    Excellent! I tried the tunnelling GUI on Putty and it worked! Thanks Doug!

IMN logo majestic logo threadwatch logo seochat tools logo