3

I have a test app I run locally, and use remote port forwarding to give others access to it.

This was working just fine, until I set up a new server instance on EC2.

The EC2 server runs CentOS 7. No firewalls are running, I have set SELinux to permissive, I have opened a port in the security group rules. I then run

ssh -v -N -R port_num:localhost:port_num 

(where port_num is actually a port number), and I can see the connection coming on. I also checked netstat on the remote server and I can see the port number being listened on.

This used to work, but doesn't on this machine. I'm thinking this is either EC2 related, or CentOS 7 related, but have run out of things to try.

While running tcpdump on the remote server, I did notice that requests coming in on eth0 had length 0. Not sure why or if this isn't a red herring, but worth mentioning.

Any ideas on something I've left out?

Thanks!

EDIT 1

Added a quick web app that listens on the port I want to forward, and shows a "Hello, World!" page. I am able to access that without issue, so port 8080 on the EC2 instance is open and receiving requests. It's just the port forwarding that isn't working.

I tried

ssh -v -N -R 0.0.0.0:port_num:localhost:port_num

But that didn't seem to help either.

EDIT 2

If I run my web app locally, run ssh -N -R port_num:localhost:port_num, then ssh from another terminal into the remote server, then curl http://localhost:port_num/test, I get a response from my local server. So the forwarding is working. It's just that requests coming from an external browser which go to eth0 don't get forwarded. Not sure how this was accomplished in the old server (it just worked), any ideas what I should be doing to make this work? Again, iptables is disabled, and was disabled on the old server as well.

2
  • What is the problem that occurred? And what is in the logs? Commented Feb 10, 2015 at 17:20
  • The requests are not being forwarded to my local machine. Which logs are you referring to? dmesg did not yield anything useful. Where else should I be looking? Commented Feb 10, 2015 at 17:28

1 Answer

4

Oh, silly me. I forgot a step, which is to set GatewayPorts on in sshd_config.

Much ado about nothing. Hope this post helps someone in the future.

1
  • ha, thank you! I've remote port forwarded a few times before, and just spent an hour troubleshooting until I ran across your post. I set GatewayPort yes, but forgot to uncomment it!
    – modulitos
    Commented Jul 30, 2015 at 11:53
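
An added example (not from the original posts) for the situation in the answer and comment above: a check that reports which GatewayPorts value sshd would take from the global section of a config file, so a commented-out line shows up as the default "no" (remote forwards bound to loopback only, which matches the behaviour in EDIT 2). The function names and sample files are constructed for illustration, and the parser assumes a single file with no Include directives. The value clientspecified is shown because it lets the client pick the bind address (as in the 0.0.0.0 attempt) without making every forward listen on all interfaces.

```shell
#!/bin/sh
# Added example: report the GatewayPorts value sshd would use from the global
# section of a config file. sshd takes the first value it reads for a keyword,
# matches keywords case-insensitively, and defaults GatewayPorts to "no".
effective_gatewayports() {
    awk '
        /^[ \t]*#/ { next }                       # commented-out line: ignored by sshd
        { line = $0
          sub(/^[ \t]+/, "", line)
          n = split(line, f, /[ \t=]+/) }         # "Keyword value" or "Keyword=value"
        n >= 1 && tolower(f[1]) == "match" { exit }   # global section ends here
        n >= 2 && tolower(f[1]) == "gatewayports" {
            print tolower(f[2]); found = 1; exit
        }
        END { if (!found) print "no" }
    ' "$1"
}

# Map the setting to where a "ssh -R" listener ends up bound on the server.
describe_bind() {
    case "$1" in
        no)              echo "loopback only" ;;
        yes)             echo "wildcard (all interfaces)" ;;
        clientspecified) echo "address requested by client" ;;
        *)               echo "unknown" ;;
    esac
}

# Constructed sample configs: the "forgot to uncomment" case and a scoped one.
demo_dir=$(mktemp -d)
printf '%s\n' 'Port 22' '#GatewayPorts yes' > "$demo_dir/commented"
printf '%s\n' 'Port 22' 'GatewayPorts clientspecified' > "$demo_dir/scoped"
for f in "$demo_dir/commented" "$demo_dir/scoped"; do
    v=$(effective_gatewayports "$f")
    echo "$(basename "$f"): GatewayPorts=$v -> $(describe_bind "$v")"
done
rm -rf "$demo_dir"
```

On a live server, running sshd -T as root prints the effective configuration, including Include and Match handling that this parser skips, and sshd has to be reloaded before an edited sshd_config takes effect.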
