Often you do not have direct access to a desired server, because a
firewall blocks the port or you are on another network than the server. But eventually
you may have access to a proxy server, from which you can access the desired server. For
example you would like to access an Oracle database on 192.168.151.2 on port 1521 with you local
SQL tools and you don't want to do it from the proxy server. With SSH port forwarding you
can establish a logical connection through the proxy an you
will then be able to access the Oracle database through it.
You can use the very common SSH client PUTTY to establish this
Port Forwarding using SSH
In order to use port forwarding to connect from your
local machine to a port on a remote server, you need to:
Choose a port number on your local machine (e.g.
5500) where PuTTY should listen for incoming connections.
Now, before you start your SSH connection, go to
the PuTTY Tunnels panel. Make sure the «Local» radio button is set. Enter
the local port (e.g. 5500) number into the «Source port» box. Enter the
destination host name and port number into the «Destination» box, separated
by a colon (e.g. 192.168.151.2:1521).
Now click the [Add] button. The details of your
port forwarding should appear in the list box.
Now start your session and log in to the proxy host.
To check that PuTTY has set up the port forwarding correctly, you can look at the PuTTY
Now if you connect to the source port number on your
local PC, you should find that it answers you exactly as if it were the service running
on the destination machine.
You can also forward ports in the other direction:
arrange for a particular port number on the server machine to be forwarded back to your
PC as a connection to a service on your PC or near it. To do this, just select the
«Remote» radio button instead of the «Local» one. The «Source
port» box will now specify a port number on the server.
Enter Source and Destination, then click Add Button
After clicking the Add Button
If you need to start a graphical application from the database server
(on 192.168.151.2) and the output should be displayed on your
local PC, then you must activate X11 forwarding in PUTTY.
Now log in to the SSH proxy server as normal. To check that X
forwarding has been successfully negotiated during connection startup, you can check the
PuTTY Event Log.
From the proxy server you must now enable X11 forwarding to the DB
server, this can be established with the -X option of ssh.
proxy> ssh -X firstname.lastname@example.org
Now you can start for example Oracle's runInstaller and the output is displayed on your local PC - do not
forget to start the cygwin X11 server on the PC.