Telnet over SSH port 22 for Remote Access
Steps to Telnet over SSH (tunneling port 23 through port 22)
Remote PC needs putty.exe on it. Configure it with the document attached here, TunnelWithPutty (3.3 MB size), or (Try This Putty Config). Like I said, configure it to work on your LAN first. Establish a tunnel to your SSH server. Download CopSSH here. What you do is create the tunnel with putty.exe, then open up a cmd prompt and telnet in with the new DNS name you made in your DynDns website account. This is cool! You need a DNS provider so you can reference your public IP with an updated DNS name: DynDNS.com.
Set up an account at DynDns.com and you can have a free DNS name. For example, my remote access name on the public side is, say, itdaddy.bluecow.com. They give out free public namespaces that reference your dynamic public IP address. After establishing an account there, you can pick from many parent names such as bluecow.com (I made that one up myself, but they have many parent names). You are allowed to name your child domain, for example like mine, "itdaddy.bluecow.com". They give you a list of programs to install on your SSH server or on a computer that has internet access and is on all the time. This IP updater updates the DynDns DNS servers with your dynamic public IP from inside your LAN. This is nice to use to access your SSH server via a name that will always have the most current public IP address.
Set up port forwarding of port 22 only, to your SSH server. No need to set up Telnet port 23 forwarding since you are tunneling through port 22. Kind of weird but it works.
SSH server with CopSSH running on it. You can also have your IP updater from DynDNS run on this server to keep your DNS name on the public DNS servers updated daily – I love this.
I have a Cisco 2511 access router set up with reverse DNS. Do a Google search on setting up your access server. Easy to set up. If you need any help, just ask me on this site and I can help you figure out your reverse telnet setup on your access router. Please play with it yourself first. You can do it!
What I also do is set up an ACL on the Ethernet port of my Access Router to allow telnet traffic on port 23 to come from my SSH server IP address only. Once I have my SSH tunnel from the public WAN to my SSH server on my private LAN, I then, like I said, telnet again from the SSH server to my 2511. This is again because I have no image with an SSH server on it for my Access Server directly. If I had an SSH server on my 2511 router, I would have my firewall port forward to that. But maybe I am more secure having myself telnet again from my SSH server to the access router and having an ACL set up to allow port 23 traffic from my SSH server only. This might be more secure. It works well.
Finally, I looked up on the internet how to set up an Access router using reverse telnet and a Loopback address. Do a Google search on setup of a Cisco Access router. Very cool to set up. Not hard at all. With my Access Router, I no longer have to switch my console cable back and forth between all my Cisco devices. I just bring up one console and remote in to each device via one console session. Cool huh? I will eventually show you my setup for my access router on this blog soon. Enjoy!
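One way to write the ACL described above, as an added example that is not the author's own configuration. The addresses, the ACL number 101 and the interface name Ethernet0 are assumptions, and the reverse-telnet line goes beyond what the post describes.

```cisco
! Added example, not the author's configuration.
! Constructed addresses: 192.168.1.10 = CopSSH server,
!                        192.168.1.20 = 2511 Ethernet0.
! ACL number 101 and interface Ethernet0 are assumptions.
!
! Telnet (TCP 23) to the access router is accepted from the SSH server only.
access-list 101 permit tcp host 192.168.1.10 host 192.168.1.20 eq telnet
! Every other Telnet attempt is dropped and logged.
access-list 101 deny   tcp any any eq telnet log
! Beyond the post: a 2511 also answers reverse telnet directly on
! TCP 2001-2016 (async lines 1-16), which a port-23-only rule leaves open.
access-list 101 deny   tcp any any range 2001 2016 log
! Everything else is left as it was.
access-list 101 permit ip any any
!
interface Ethernet0
 ip address 192.168.1.20 255.255.255.0
 ! Filter traffic arriving on the LAN-facing port.
 ip access-group 101 in
```

`show access-lists 101` prints per-line match counters, which shows whether anything other than the SSH server is trying to reach the router.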
Tips: Setup Tunnelling within your LAN first. Then try it from WAN to your LAN.
Freaking Awesome Whale Talking. Thought this was cool to add to my blog!