Sql-server – Connect to SQL Server behind NAT from remote machine


The scenario is that this is a SQL Server behind a corporate firewall with your standard setup to allow only minimal outbound traffic and zero inbound. However, port 80/443 are open, per the usual allowance.

Has anyone tried, or is it possible to

  1. Connect to a remote machine port 80, say using Telnet.
  2. On the local machine, note the bound address and port [1], e.g. netstat
  3. Disconnect from telnet. Start port forwarder and listen on [1], mapped to SQL Server TCP/IP listener
  4. On remote machine, connect to SQL Server on [1]

What do you think? I just need to get some testing done and I don't want to move my huge database outside for this one-off. I am familiar with and have used UDP hole punching for NAT traversal, mainly for push to mobile phones, but am interested to know if this works with TCP as well.

References:

I am open to other suggestions.

Network topology

Best Answer

I doubt that it's easy to do hole punching with TCP or switch the process connected to a port.

Try this for a reverse proxy through the firewall: http://www.dest-unreach.org/socat/doc/socat-gender.txt

This solution relies on socat, a Swiss-army-knife-like network tool which can connect almost any two endpoints and is bidirectional, unlike netcat or the |-pipes in command processors. It should be available for Windows, too.

You can either use socat easily to forward a TCP connection, or, in this case, reverse the "gender" of it: you'll have two socats running, one on each side of the firewall. One continuously connects to the outside. On the outside, socat will wait for a connection from someone else. Only when that someone connects will the outside socat accept a connection from the inside socat. Once the inside socat connects to the outside socat, it will connect to the SQL Server. Voilà, you can connect from outside to the SQL Server inside, and from the point of view of the firewall and of TCP the connection looked like it was actually from inside to outside.

To copy from the link:

1) Start the double client on the inside server
// every 10 seconds, it tries to establish a connection to the outside host.
// whenever it succeeds, it forks a sub process that connects to the internal
// service and starts to transfer data

$ socat -d -d -d -t5 tcp:outside-host:80,forever,intervall=10,fork tcp:localhost:80

2) Start double server on the outside client
// wait for a connection from a local client. whenever it accepted it, forks
// a subprocess that tries to bind to the socket where the inside double
// client tries to connect (might need to wait for a previous process to
// release the port)

$ socat -d -d -d tcp-l:80,reuseaddr,bind=127.0.0.1,fork tcp-l:80,bind=outside-host,reuseaddr,retry=10
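One way to spot this tunnel from the firewall's outbound logs, as an added example that is not part of the answer or the socat documentation: the inside socat reconnects every `intervall` seconds (10 in the commands above) to one fixed external host on port 80, so the database server shows up as a regular beacon with almost no jitter. The log format, host names and addresses below are constructed.

```python
# Added example, not from the answer or socat: flag hosts whose outbound
# connections to one host:port recur on a fixed timer, which is what the
# inside "double client" (tcp:outside-host:80,forever,intervall=10) produces.
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed firewall log: "<ISO time> <src> -> <dst>:<dport> <action>".
SAMPLE_LOG = """\
2024-05-01T10:00:00 sqlsrv01 -> 203.0.113.10:80 ALLOW
2024-05-01T10:00:10 sqlsrv01 -> 203.0.113.10:80 ALLOW
2024-05-01T10:00:20 sqlsrv01 -> 203.0.113.10:80 ALLOW
2024-05-01T10:00:30 sqlsrv01 -> 203.0.113.10:80 ALLOW
2024-05-01T10:00:41 sqlsrv01 -> 203.0.113.10:80 ALLOW
2024-05-01T10:00:03 ws-042 -> 198.51.100.7:443 ALLOW
2024-05-01T10:00:57 ws-042 -> 198.51.100.7:443 ALLOW
2024-05-01T10:02:11 ws-042 -> 198.51.100.7:443 ALLOW
2024-05-01T10:05:40 ws-042 -> 198.51.100.7:443 ALLOW
"""

def parse_log(text):
    """Return {(src, dst, dport): [timestamps]} for allowed outbound flows."""
    flows = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[4] != "ALLOW":
            continue
        ts, src, _, dst_port, _ = parts
        dst, dport = dst_port.rsplit(":", 1)
        flows[(src, dst, int(dport))].append(datetime.fromisoformat(ts))
    return flows

def find_beacons(flows, min_conns=4, max_jitter=0.2):
    """Return [(key, mean_gap_seconds)] for flows whose inter-arrival gaps
    are nearly constant: stdev/mean <= max_jitter over >= min_conns
    connections means a timer, not a person or a browser, opens them."""
    hits = []
    for key, times in flows.items():
        if len(times) < min_conns:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits.append((key, avg))
    return hits

if __name__ == "__main__":
    for key, gap in find_beacons(parse_log(SAMPLE_LOG)):
        print("beacon-like flow %s every %.1fs" % (key, gap))
```

Real web traffic from a workstation (ws-042 above) has irregular gaps and is not flagged; a reconnect loop from a server that should never initiate outbound sessions is, regardless of which port it uses.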