You are not logged in.
- Topics: Active | Unanswered
#1 2012-07-24 11:09:38
- Garret
- Member
- From: Palermo, Italy
- Registered: 2006-07-09
- Posts: 172
How to connect to a SFTP server behind a NAT from an external PC
I have a router-server with openwrt which is behind a NAT and I cannot access to this router from an external pc because it doesn't come out with a public IP. Please don't ask me why but it is in this way.
I would like to use WinSCP on my windows office pc to access the content of this server but I don't know how and I was thinking to use a ssh tunnel. Do you think it could work? Or do you have other suggestions?
Really thanks in advance!!!
Offline
#2 2012-07-24 11:18:25
- tomk
- Forum Fellow
- From: Ireland
- Registered: 2004-07-21
- Posts: 9,839
Re: How to connect to a SFTP server behind a NAT from an external PC
Forward the required port(s) on whatever runs the NAT.
Why is your router behind NAT anyway? Can't it do NAT all on its own?
Offline
#3 2012-07-24 11:19:44
- Garret
- Member
- From: Palermo, Italy
- Registered: 2006-07-09
- Posts: 172
Re: How to connect to a SFTP server behind a NAT from an external PC
The NAT is my isp. It is called Fastweb and so I cannot do anything.
Offline
#4 2012-07-24 11:45:05
- Lone_Wolf
- Administrator
- From: Netherlands, Europe
- Registered: 2005-10-04
- Posts: 13,255
Re: How to connect to a SFTP server behind a NAT from an external PC
Does your isp provide you with a public ip-address and if so what kind : dynamic, fixed, IPv4 , IPv6 ?
What brand/ model of modem / router has your isp given you ?
What kind of connection do you get from them : adsl, cable, FTTH etc ?
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
#5 2012-07-24 12:46:39
- Garret
- Member
- From: Palermo, Italy
- Registered: 2006-07-09
- Posts: 172
Re: How to connect to a SFTP server behind a NAT from an external PC
Does your isp provide you with a public ip-address and if so what kind : dynamic, fixed, IPv4 , IPv6 ?
What brand/ model of modem / router has your isp given you ?
What kind of connection do you get from them : adsl, cable, FTTH etc ?
Please as I said it's a very particular isp, maybe the only in the world with this stupid limitation. For sure I know that I cannot open any port. My router-server (a Netgear WNDR3800 with openwrt) is connected to the Fastweb modem. I have an adsl.
Offline
#6 2012-07-24 13:26:21
- tomk
- Forum Fellow
- From: Ireland
- Registered: 2004-07-21
- Posts: 9,839
Re: How to connect to a SFTP server behind a NAT from an external PC
OK - but at some point your traffic is routed on the internet, so you have a public IP assigned to you - you couldn't use the internet without one. I suggest you ask your ISP, or maybe other users of your ISP, for help. You seem to have a problem providing details which might be useful for solving your problem.
Offline
#7 2012-07-24 14:13:53
- Lynden
- Member
- Registered: 2011-11-10
- Posts: 23
Re: How to connect to a SFTP server behind a NAT from an external PC
Sounds like a reverse tunnel is your best bet then, but it requires an extra ssh server that is publicly accessible that acts a mediator.
http://en.gentoo-wiki.com/wiki/Reverse_Tunneling
Maybe one of those low end vps servers that go for 1~5$ can help you out there if you don't have one.
Last edited by Lynden (2012-07-24 14:14:09)
Offline
#8 2012-07-24 14:46:01
- ewaller
- Administrator
- From: Pasadena, CA
- Registered: 2009-07-13
- Posts: 20,326
Re: How to connect to a SFTP server behind a NAT from an external PC
Sounds like a reverse tunnel is your best bet then, but it requires an extra ssh server that is publicly accessible that acts a mediator.
http://en.gentoo-wiki.com/wiki/Reverse_TunnelingMaybe one of those low end vps servers that go for 1~5$ can help you out there if you don't have one.
One can also set up a reverse tunnel with a trigger. From outside the firewall, you need to make your server aware you are trying to reach it, and from where. I have done this by sending an email to the server in which contact information are coded. I have also done it by posting a file on a third party site that contains the contact information. The server watches for email, or for the magic file to appear on the third party server. When it receives the contact information, it establishes the reverse tunnel to the originating computer.
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
#9 2012-07-24 16:01:17
- Pres
- Member
- Registered: 2011-09-12
- Posts: 423
Re: How to connect to a SFTP server behind a NAT from an external PC
Have you contacted your ISP? I once had an ISP with a setup like this. I just gave them a call and asked if it would be possible to get a public IP and they gave me one with no questions asked. Worth a shot at least.
Offline
#10 2012-07-26 11:01:09
- Garret
- Member
- From: Palermo, Italy
- Registered: 2006-07-09
- Posts: 172
Re: How to connect to a SFTP server behind a NAT from an external PC
Sounds like a reverse tunnel is your best bet then, but it requires an extra ssh server that is publicly accessible that acts a mediator.
http://en.gentoo-wiki.com/wiki/Reverse_TunnelingMaybe one of those low end vps servers that go for 1~5$ can help you out there if you don't have one.
I would like that my router connects to my office pc which has a public IP. The office PC can't be always turned on and I only need to access the router from this pc so it is ok if I each time start the ssh daemon when I need.
Is it possible to perform a reverse tunnelling between my router and my office PC which has a public IP and then access always from my office windows pc with winscp to the content of my router?
I am pretty noob and If yes what would be the commands to execute on both the terminals?
Really thanks in advance!!!
Offline