SSH port forwarding enables access to network services running on the dedicated or management IP addresses of a managed device. Multiple users on multiple workstations can use SSH Port Forwarding concurrently.
Certain privileges are required to edit or view a port's forward configuration:
The Local Manager will attempt to forward incoming TCP traffic regardless of whether the destination is configured properly or not. Ensure the managed device is configured to listen on the port specified.
When using the SSH Applet on the Control Center, a Java Runtime Environment (JRE) must be installed on the user's workstation.
First, connect to the web interface of the Control Center and navigate to the Inventory page. Select a Local Manager from the Inventory tree to bring up its detail page. Launch the Control Center applet by clicking on the SSH button.
The managed device's management or dedicated IP address must be configured on the Local Manager. This can be configured using config init or config info.
[admin@LantronixLM (port1/1)]# config init
--- Enter New Values ---
description: []:
<output removed>
management IP: []: 198.0.2.100
Configure dedicated ethernet port? (y/n) [y]:
Use DHCP? (y/n) [n]:
dedicated device IP []: 169.254.100.2
dedicated port IP []: 169.254.110.3
dedicated netmask: []: 255.255.255.252
speed/duplex: [auto]:
<output removed>
Do you want to commit these changes? (y/n): y
Use the config protocols forward command to open the port forwarding configuration editor.
[admin@LantronixLM (port1/1)]# config protocols forward
[forward]#
Once in the editor, you can use the ? command to view a list of possible options.
[forward]# ?
Forward options are:
[no] management {port}
[no] dedicated {port}
[no] events
show
exit
Example: To enable traffic forwarding to port 80 on the managed device's management IP address, use management 80.
Example: To enable traffic forwarding to port 80 on the managed device's dedicated IP address, use dedicated 80.
Note that the port specified should match the listening port on the managed device. If the managed device is running an SSH server on its management IP address, forwarding should be configured as management 22.
To use the SSH Applet on the Control Center, navigate to a device in the Inventory tree and click on the SSH button. Once the Applet has loaded, click on Terminal in the menu bar and select Forward.
In this example, the Local Manager has already been configured to forward traffic to port 22 at the management IP address for the device on port 1/2. The screen above allows you to select which tunnels to create. On a device with multiple forwards configured, the above list would be longer.
To create a tunnel, check the box next to the port forwards you wish to enable. Then, select a local port to use for forwarding. If random is selected, the applet will select a random port on the workstation. Click Apply to save your settings.
If the forward was successful, the drop down box will turn green. If a random port was requested, the port number will be displayed in the green box.
If the drop-down menu turns red, this indicates the local port was unavailable and the tunnel was not created. Choose a different local port that is not currently in use.