SSH Tunnel – How to Make Local Network Accessible Behind NAT with SOCKS

nat;reverse-proxysocks-proxysshssh-tunnel

I have a

  • Local computer (behind NAT).
  • An intermediate server which is publicly accessible and has a
    fixed IP address.
  • Remote computer (behind NAT and not the same as local computer).

I’d like to temporarily share access to a website on the local network via the local computer and an intermediate server using SOCKS/SSH, so that a remote computer can view it. Is this possible when both the remote computer and the local computer are behind NAT? If yes, how?

                      NAT       -   Static Public IP  - NAT
Local Network <- Local Computer - Intermediate Server - Remote Computer

I know I can do this with ngrok and similar services, but I would like to learn how to do it myself using SSH and SOCKS.

Bounty: I will give preference to answers with example code and explanations on how to do it. Thank you.

UPDATE: I require SOCKS for dynamic port forwarding.
SOCKS with multiple hops

Best Answer

If you want/need dynamic port forwarding you could try the following configuration:

l-user : user on my-local-computer
i-user : user on intermediate
intermediate : ip address of the intermediate host

on my-local-computer: 

ssh -R 10022:localhost:22 i-user@intermediate

on the-remote: 

ssh -D 3456 -J i-user@intermediate -p 10022 l-user@localhost

The remote port forwarding between my-local-computer and intermediate must exist before the connection from the-remote is initiated.

In this configuration the-remote acts as an SOCKS5 proxy on port 3456 and forwards the traffic via the intermediate to my-local-comuter where it should end in your local lan.

Related Question