0

I have an architecture which looks like this:

            |    - DMZ -    |
 ________   |   ________    |   _______
| CLIENT |  |  | SERVER |   |  | MYSQL |
|________|  |  |________|   |  |_______|
            |               |
            | <-FIREWALLS-> |

I need to connect from CLIENT (linux) to MYSQL (service running on linux). I cannot access the MYSQL box directly, but I can access the SERVER (linux). The SERVER can access MYSQL. I am trying to setup ssh port forwarding so that I can connect to the MYSQL process from CLIENT. I have executed this on the CLIENT:

ssh -Ngf -L 3306:MYSQL:3306 username@SERVER

This seems to work just fine, but I still cannot access MYSQL. I get an unknown host error. Any ideas what I am doing wrong?

Thanks in advance!

Improve this question
4
  • What's the mysql command you're running on the local machine after configuring the tunnel?
    – mikebabcock
    Commented Oct 8, 2014 at 16:36
  • @mikebabcock mysql --host=MYSQL --port=3306 is enough to get the unknown host error.
    – Rip Leeb
    Commented Oct 8, 2014 at 16:38
  • So it's not the ssh port forwarding that fails!? See edit of my answer. Please post all input and (error-) output in your question.
    – Jan
    Commented Oct 8, 2014 at 16:49
  • @nate that mysql command is the problem; it must connect to localhost (and my suspicion when I asked the question in the first place). I see you've resolved that already below now.
    – mikebabcock
    Commented Oct 8, 2014 at 18:59

1 Answer 1

Reset to default
2

I'd say that SERVER can't resolve MYSQL, try to give the IP of the MYSQL machine in your command. You also don't need -g as the remote machine won't connect back to you.

ssh -Ngf -L 3306:<IP-OF-MYSQL-HERE>:3306 username@SERVER

Edit

Don't forget that you need to connect to localhost:3306 once the port forward is in place, as your local post is forwarded to your MYSQL machine.

Improve this answer
4
  • 1
    If you add -v to the command, it will show the tunnel establishing (or failing) in the terminal window as well.
    – mikebabcock
    Commented Oct 8, 2014 at 16:37
  • @Jan I know that SERVER can resolve MYSQL because I can logon to SERVER and connect to MYSQL. Would an ssh affect that?
    – Rip Leeb
    Commented Oct 8, 2014 at 16:45
  • @Jan @mikebabcock I removed -g and added -v and did find a find error in there. I added -4 and now the tunnel seems to be established. FOr instance: debug1: Local connections to LOCALHOST:3306 forwarded to remote address MYSQL:3306 and ` Local forwarding listening on 127.0.0.1 port 3306.` However, I am still unable to resolve MYSQL from CLIENT.
    – Rip Leeb
    Commented Oct 8, 2014 at 16:47
  • Yep! Changing host to 127.0.0.1 did it! Thanks! Localhost did not work for some reason.
    – Rip Leeb
    Commented Oct 8, 2014 at 16:52

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .