Technology Blog

@magento why is the admin area sooo slow on my internal dev server? Something must not be resolving properly, why external calls?

@alexmbt I already got invited to a sister event on July 28th…I’ll be sure to invite you this time.

@magento congrats on reaching 1 million downloads!!!

Net party networking event was a mix of networking and a singles night out. Wish there was a few more connects in the med size biz cat

Whoo, this article is going to a bit of a mess but to someone out there very distant it will make complete sense to them – to this person (even if it is myself in a year from now) is why I am writing the article.

So I use VNC almost every day. It is a great, powerful, and free tool. Usually I use it in a reverse vnc fashion. I open up the port 5500 on my firewall/router and then all of my clients no matter where they are can “right click, add new client” as they know it – weather or not they have corporate firewalls ports opened/closed. It’s great!

Well this week I moved into a second office in NYC where I will be working several or all days of the week – and I do not have my own internet access or even access to the corporate firewall here. So I cannot open ports on the firewall here to let my clients connect to me from all abroad.

I knew there was an “easy” solution – one that I thought would take 5 minutes to implement – of course I am writing this after 6 hours of trying, failing, repeat! But I did get it to work and it’s pretty cool!

Basically I have 4 pieces to the puzzle:
-My Desktop
-Firewall
-Linux Server on the internet
-End User

On my desktop I set up a Remote Port forwarding to the linux machine via ssh.


ssh me@mymachine.com -R 5500:localhost:5500


This got me through the firewall and onto my linux machine. It basically says any data from port 5500 on the linux machine send to my desktop.

I quickly connected to the server via ssh and tried it:

[root@backup ~]# telnet localhost 5500
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.

AWESOME!!! It worked – or so I thought. Then I went to an end user machine out there on the very big internet and tried from them:
[me@some-other-very-far-machine ~]$ telnet mymachine 5500
Trying xx.xxx.xxx.xxx...
telnet: connect to address xx.xxx.xxx.xxx: Connection refused
telnet: Unable to connect to remote host: Connection refused

What the heck? I was stumped. I then figured out that the port forwarding was limiting sending data only from the local interface to the local port forwarding. What I wanted to do was cross the external interface with the internal interface. After a few hours of trying all crazy iptables rules I finally figured it out. It requires no iptable rules and a simple text edit to /etc/ssh/sshd_config and it is:


GatewayPorts no
change to
GatewayPorts yes