2

The situation is simple: I am on a network (intranet) where I don't/can't control the router. You can basically assume all I have is one ethernet port and any number of machines.

I want to run a server accessible using at least HTTP, and, additionally, if possible, FTP and SSH, using the cheapest (and easiest) way.

Is it at all possible?

EDIT: Wow, there's many answers now!

So, a quick run-down:

  • I do not have a public IP
  • Reverse tunneling might work
  • Optimally I would want ports 80/21/22.
  • If I had a server outside, with ssh capabilities, I wouldn't have asked. Tunnels are easy.
  • I am not actually in the place yet.
  • It's a university hostel.
Improve this question

4 Answers 4

Reset to default
2

Since you have no access to the router, there's no way to make it publicly accessible via IPv4. You might be able to make it IPv6-accessible if you use a tunneling protocol that supports traversing NAT. In all cases it can be made accessible internally.

Improve this answer
4
  • i'm sure i've done reverse tunneling with ipv4 addresses.. don't see why it'd need ipv6
    – barlop
    Commented Nov 3, 2010 at 12:08
  • @barlop: You still need an external server for SSH. And if you have an external server, why do you need an internal server?
    – Ignacio Vazquez-Abrams
    Commented Nov 3, 2010 at 12:10
  • the method I speak of, ssh reverse tunneling. The SSH server is a SOCKS proxy. So is generic(maybe a SOCKS proxy). The other client-server pair can be many kinds, HTTP, FTP, and perhaps anything.
    – barlop
    Commented Nov 3, 2010 at 14:10
  • also, you get the reversing capability by having 2 pairs. see my answer.
    – barlop
    Commented Nov 3, 2010 at 14:11
1

First, do you have a public IP address (i.e., not 10.x.x.x or 192.168.x.x)? When you go to http://whatismyipaddress.com/ does it show the same address as your computer believes its IP address to be?

If so, then congratulations! It's (probably) possible for the outside world to access your machine directly!

If that's the case, then it's basically just a matter of setting the desired services up and seeing whether the router allows you to access them from an outside machine.

If, on the other hand, the router is doing NAT and/or blocking the relevant ports, then your options are very limited. Depending on the details of what that router does and doesn't allow, you might be able to tunnel traffic in from an outside box, but, really, if you have access to a suitable machine to do the tunneling from, then you may as well just set your server(s) up there.

Improve this answer
3
  • You are totally wrong. He can ping websites. If he was on a router, then you mean is his router's interface to the internet has an ip - a public ip. He can't access any website(so NAT is irrelevant to the problem). He is on a 3G modem, I haven't used one but I don't think they have NAT. It's probably just a one computer device. I don't know if he has tried removing the 3G thing and just connecting with a cable to a router. But I guess he has. It looks like a windows issue.
    – barlop
    Commented Nov 3, 2010 at 16:59
  • 2
    He is on a 3G modem -- are we reading the same question here, @barlop? And I think Dave's answer is very well a possibility. We've seen questions here by folks who get multiple public IP addresses from their internet provider. In some question someone even specifically asked How is it possible to have two different public IPs behind a cable-modem and a router? after seeing two computers each getting a public IP address.
    – Arjan
    Commented Nov 3, 2010 at 18:30
  • ah, thanks for spotting that.Yes, I was commenting on another question I had been reading.. Interesting thing you mention about the multiple public IPs. I think in this question, the implication in the question is that the router uses NAT. The questioner doesn't look like a complete ignoramous, and has asked a classical question, and it's easy to see the issue he faces. I think he wrote that he can't control the router , because it is relevant! The only reason I can see why him not controlling the router is relevant,is because it does NAT, which is no suprise 'cos it's so common.
    – barlop
    Commented Nov 3, 2010 at 19:49
0

If this is not some corporate environment bus some simple setup (like a shared internet connection in an apartment building) then Universal Plug and Play might open up the ports you need.

(But to answer that, we need many more details. And if you want to use common ports like 22, 80 and 443 then someone else might already be using those.)

Improve this answer
5
  • Not to mention that I can't see any sane router opening ports below 1024.
    – Ignacio Vazquez-Abrams
    Commented Nov 3, 2010 at 6:59
  • he doesn't really have to specify whether he wants to use a common port or not 'cos a good answer could explain the difference you offer in explanation, for a port below 1024, or a port above. Then the answer would help more people And educate people better including the person asking the question(if he needs to be "educated"! though he hasn't said anything silly).I don't see why he has to tell you which port.If somebody already has a port open on it, then that may or may not help. He can know that and doesn't need to tell you which port.The answer isn't or is barely port specific!
    – barlop
    Commented Nov 3, 2010 at 16:54
  • @Ignacio, I guess I'd like to agree, but it depends on the definition of "sane". My provider has given me a Thomson ST780 modem/router. If I have UPnP enabled (the default) and also something called "Extended Security" (also the default) then on my Mac Port Map opens up forwarding of port 80 without any questions whatsoever. (Yes, a virus/trojan can do the same.)
    – Arjan
    Commented Nov 3, 2010 at 17:31
  • @barlop, I don't quite follow what you're trying to say. All I meant was that another user in the same building (if that is the usage scenario) might already have taken port 80. In that case, the OP needs to settle with using another public port (and the users of the HTTP server need to specify that different port too then). That's all.
    – Arjan
    Commented Nov 3, 2010 at 17:34
  • I see..I thought you were asking for what port it was for, but on second read, you're not. I see you asked him for details, but not which details. Also in many cases, asking for details to the extent that your answer is overly specific, is not as good as an answer that covers the IFs, if there are any and if it's feasible to give them.
    – barlop
    Commented Nov 3, 2010 at 19:34
0

I've done it before..

An SSH server sits on the computer with FTP client.

An SSH client sits on the computer with FTP server.

Each computer connects to itself. Then the computer with the SSH client connects to the computer with SSH server.

The process is called a reverse tunnel. SSH can do it.

Infact VNC can do a similar thing functionally but uses just 2 elements. and terminology they use is that a server initiates a reverse connection to a listening viewer.

There are many tutorials on reverse tunneling online.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .