Telnet over SSH port 22 for Remote Access


Steps to Telnet over SSH (tunneling port 23 through port 22)

Step1:

The remote PC needs putty.exe on it. Configure it using the document attached here, TunnelWithPutty (3.3 MB), or (Try This Putty Config). Like I said, configure it to work on your LAN first. Establish a tunnel to your SSH server. Download CopSSH here. What you do is create the tunnel with putty.exe, then open up a cmd prompt and telnet in with the new DNS name you made in your DynDNS website account. This is cool! DynDNS.com is a DNS provider that lets you reference your public IP with an updated DNS name.

Step2:

Set up an account at DynDns.com and you can have a free DNS name. For example, my remote access name on the public side is, say, itdaddy.bluecow.com. They give out free public namespaces that reference your dynamic public IP address. After establishing an account there, you can pick from many parent names such as bluecow.com (I made that one up myself, but they have many parent names). You are allowed to name your child domain, for example “itdaddy.bluecow.com” like mine. They give you a list of programs to install on your SSH server or on a computer that has internet access and is on all the time. This IP updater updates the DynDNS DNS servers with your dynamic public IP from inside your LAN. This is nice for accessing your SSH server via a name that will always have the most current public IP address.

Step3:

Set up port forwarding of port 22 only, to your SSH server. No need to set up port forwarding for Telnet port 23, since you are tunneling through port 22. Kind of weird but it works.

Step4:

The SSH server has CopSSH running on it. You can also have your IP updater from DynDNS run on this server to keep your DNS name on the public DNS servers updated daily – I love this.

Step5:

I have a Cisco 2511 access router set up with reverse DNS. Do a Google search on setting up your access server. Easy to set up. If you need any help, just ask me on this site, and I can help you figure out your reverse telnet setup on your access router. Please play with it yourself first. You can do it!

What I also do is set up an ACL on the Ethernet port of my access router to allow telnet traffic on port 23 from my SSH server's IP address only. Once I have my SSH tunnel from the public WAN to my SSH server on my private LAN, I then, like I said, telnet again from the SSH server to my 2511. This is because I have no image with an SSH server on it to reach my access server directly. If I had an SSH server on my 2511 router, I would have my firewall port forward to that. But maybe I am more secure having myself telnet again from my SSH server to the access router and having an ACL set up to allow port 23 traffic from my SSH server only. This might be more secure. It works well.

Step6:

Finally, I looked up on the internet how to set up an access router using reverse telnet and a loopback address. Do a Google search on the setup of a Cisco access router. Very cool to set up. Not hard at all. With my access router, I no longer have to switch my console cable back and forth between all my Cisco devices. I just bring up one console and remote in to each device via one console session. Cool huh? I will eventually show you my setup for my access router on this blog soon. Enjoy!

Tips: Set up tunnelling within your LAN first. Then try it from WAN to your LAN.
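
The ACL described in Step 5, written out as an added example (this is not the author's actual configuration). It assumes the SSH server is 192.168.1.10, the 2511's LAN port is Ethernet0, and ACL number 101 is unused. It goes slightly beyond the text by also covering TCP 2001-2016, the ports IOS uses for reverse telnet to async lines 1-16, which a rule for port 23 alone would leave reachable from the rest of the LAN.

```cisco
! Added example. Assumed values (not from the original post):
!   192.168.1.10  = SSH server (the CopSSH host that terminates the tunnel)
!   Ethernet0     = LAN interface of the 2511 access router
!   101           = an unused extended ACL number
!
! Allow telnet to the router itself (vty, TCP 23) from the SSH server only.
access-list 101 permit tcp host 192.168.1.10 any eq telnet
!
! Allow reverse telnet to the async lines from the SSH server only.
! IOS maps async line N to TCP port 2000+N, so lines 1-16 are 2001-2016.
access-list 101 permit tcp host 192.168.1.10 any range 2001 2016
!
! Drop and log the same ports from every other source.
access-list 101 deny   tcp any any eq telnet log
access-list 101 deny   tcp any any range 2001 2016 log
!
! Everything that is not telnet or reverse telnet passes unchanged.
! Without this line the implicit "deny any" at the end of the ACL
! would block all other traffic entering the interface.
access-list 101 permit ip any any
!
interface Ethernet0
 ! Inbound ACLs also filter traffic addressed to the router itself.
 ip access-group 101 in
!
! Check hit counters after a test connection from another LAN host:
!   show access-lists 101
```

After applying it, a telnet attempt from any LAN host other than the SSH server should fail and increment the counters on the two deny lines.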

Freaking Awesome Whale Talking. Thought this was cool to add to my blog! 


6 Responses to “Telnet over SSH port 22 for Remote Access”

  1. Dude, awesome post man. I have a 2509 coming in that I just purchased from Ebay. I’ll be sure to try this thing out.

    I don’t know about the whale though!! Sounds like someone had a lot of beans for dinner last night. HAHAHAHA!!!!

  2. dude, I like the whale..kind of cool communicating and all.. Yeah it does sound funny like beans and farts but cool to see animals communicate.
    Kind of like protocols communicating across network. I am going to post
    my reverse telnet setup for my access router as well. Cause it can be tricky.
    But is fun to setup. Thanks. Yeah, I am trying to add many skill-sets to my blog for CCNA training. I want to list all the things I have done in CCNA 802 training. Subnetting and all the different Frame-relay particulars coming soon. I am trying to post something daily to finish my CCNA studies…This year around say September 2008 I plan to take my CCNA 802 and hammer it!

  3. Aragoen Celtdra Says:

    With enough time to study for 802 – until september – you’ll definitely smash that thing.

    Thanks for sharing your insights and showing dem skillzz!

  4. yeah, September is long way but I am going to make my blog very thorough. And have the $hit mastered. I know it is long time. But
    I want get it one shot. Then I plan on starting my CCNP studies soon
    after and restart a new site for CCNP studies and do the same thing
    like this blog. I am working on finishing my BS degree in computer science
    right now as well and very intense studying so that is why I am milking my CCNA studies…Plus raising a 16 year old and a new addition to family, a cat named Oscar! hahaa LOL thanks

  5. I’m trying to communicate with my rack from WAN, outside
    I have cable modem, a Dlink dir-655 wireless home router, from the router, 3 ethernet cables go to my rack; 2 to the APS’s AP9211 remote power management’s ethernet cards; 1 goes to one of the rack switch for internet feed; this switch is connected to my 2511RJ access server which connects to all 16 units on the rack.
    I got a mac book pro with zterm and terminal for ssh or telnet use; the goal is to connect from anywhere to play with the rack; example; school while in class or while visiting another student.
    I need help how to configure the home router exactly to port forwarding. My router has dyndns but I was in the site and they only provide 1 free name; I got 2 internal ip addresses I need to access from the outside to be able to turn on/off all the pieces in my lab.
    Please advise
    Thanks

    • if you haven't figured it out this is what you do.
      if you have two access routers this is what I did. You make a static port in the router say and yes use dyndns it is awesome
      okay
      1. create static port forward say 192.168.1.5 is your access router on port 22 say for ssh set that in your router that is after the ISP
      2. then of course you have to setup your ssh key on the access router.
      3. then in the access router either plug one of the cables into the other access router to have access or just in the 1st access router
      set up a telnet in your access router using the host ip address scheme on the access router so you can just type in the telnet hostname
      and it works. I had to do that unless you have two separate IPS connections I don't know what to do but split it up like that.
      again, have one of your async cables hook up the access 2nd access router of telnet setup from the first one. that is how I would do it.

      oh you have to establish an account on dyndns and in there make sure when you type in the address you make up :22 at the end or add it to your address
      so when the packet hits your public router, it will be then directed to your 1st access router. get it?
      robert
      ps. you can always ask me question…I have set this up and it works on my home system email me at robert1 at itdaddy dot net and it can help you better
