Add servers behind a Tunnel Host in SSH Gateway or Add servers that are accessible via port forwarding via the ssh gateway server.
Adding Servers via Tunnel Host in SSH Gateway or Servers Accessible via Port Forwarding through SSH Gateway
Overview: This article outlines how to use Ezeelogin's Tunnel Host feature to integrate servers behind NAT or routers into the SSH gateway. By forwarding ports through a designated Tunnel Host, it enables secure access to servers with private IPs via a public IP gateway.
Tunnel Host feature lets you add in server in a LAN or behind router on a different network into the Ezeelogin SSH gateway. As shown in the diagram below, Server A & B can be added into the SSH Jumphost even though they are behind a NAT hence has private IPs.
In such scenario the tunnel host feature would be useful to add in servers into the ssh gateway that has only public ips. Tunnel host lets you add in servers that are behind a Router R but has the ports being forwarded so that the machines in LAN can be accessed.
Tunnel Host feature is used to add target servers that are not directly accessible but can be accessed only via forwarded ports on the tunnel host server RouterR.eznoc.com. Tunnel Host variable is found under the Advanced section while adding a new server.
To add and access the SSH server on ServerA.eznoc.com with the private ip 192.168.1.2 behind RouterR.eznoc.com, we enter the values as shown below. The forwarding port of 9999 on RouterR.eznoc.com is entered in the SSH port field.
Under the Advanced settings of ServerA.eznoc.com, the Tunnel Host is set as RouterR.eznoc.com so its ip address of 200.11.1.22 is entered as shown below.
Similarly, to add and access the RDP server on ServerB.eznoc.com with private ip address 192.168.1.3 behind RouterR.eznoc.com, we enter the values as shown below. We disable the SSH field since this is a windows server. The forwarding port of 8888 on RouterR is entered in the SSH port field.
Under the Advanced settings of ServerA.eznoc.com, the Tunnel Host is set as RouterR.eznoc.com so its ipaddress of 200.11.1.22 is entered as shown below.
Related Articles