I have an application (APP) which runs on a remote computer (COMPUTER_A) and connects to another remote computer (SERVER) on a specific port (PORT) to retrieve some information. Now, I want to deploy and run APP on another remote computer (COMPUTER_B). The problem is that SERVER is quite restrictive and only accepts incoming connections from COMPUTER_A. Is there a way to run APP on COMPUTER_B but make SERVER think that the connections are coming from COMPUTER_A?
Some facts:
- I have ssh access on both COMPUTER_A and COMPUTER_B, but not on SERVER.
- I do not have any kind of access on SERVER. I treat it as a black box.
- I do not have root privileges on COMPUTER_A and COMPUTER_B.
- COMPUTER_A and COMPUTER_B cannot listen for incoming connections (except for the ssh ports).
- COMPUTER_A and SERVER belong to the same internal network (TRUSTED_NETWORK).
Furthermore, SERVER also accepts requests from computers that are connected to the TRUSTED_NETWORK. This network is accessible via VPN. If I install APP on my personal laptop and connect to the VPN (via openconnect), then APP can communicate with SERVER successfully. However, I can't use openconnect on COMPUTER_B because it requires root access. I read online that it is possible to connect without root access (http://www.infradead.org/openconnect/nonroot.html) but all my attempts have failed so far.
Ideally I would like to achieve my goal using ssh tunneling, but answers using a "rootless" VPN solution are also welcome.
Here is my failed ssh-tunnel-based attempt:
Connect from my laptop to COMPUTER_A:
ssh user@COMPUTER_A
Run on COMPUTER_A:
ssh -N -R 8888:SERVER:PORT user@COMPUTER_B
This returns:
debug1: remote forward success for: listen 127.0.0.1:8888, connect SERVER:PORT
debug1: All remote forwarding requests processed
Connect from my laptop to COMPUTER_B:
ssh user@COMPUTER_B
I modify APP on COMPUTER_B to connect to 127.0.0.1:8888 and not to SERVER:PORT.
I run APP on COMPUTER_B and I see:
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 1 win 2097152 max 32768
debug1: client_request_forwarded_tcpip: listen 127.0.0.1 port 8888, originator 127.0.0.1 port 49174
debug1: connect_next: host SERVER ([SERVER_IP]:PORT) in progress, fd=6
debug1: channel 0: new [127.0.0.1]
debug1: confirm forwarded-tcpip
debug1: channel 0: connected to SERVER port PORT
Although the above output looks "positive", APP never gets a response from SERVER.