Screen share host behind NAT using reverse SSH tunnel

Forums / NoMachine for Linux / Screen share host behind NAT using reverse SSH tunnel

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #9353

    I have a host installed in the field that I need to connect to – call it ‘remote’.  This host is only connected to the internet with an iPhone plugged into the USB port.  ‘Remote’ can hit anything on the internet but nothing on the internet can hit ‘remote’ because the iPhone provides a double NAT network to ‘remote’.

    I want to sit in my office and connect to ‘remote’ with NoMachine to control the ‘remote’ desktop.

    I have a server in the cloud that has openssh-server installed – call it ‘relay’.

    On ‘remote’, I executed:
    ssh -fN -R 10022:localhost:4000 ubuntu@a.b.c.d

    to create a reverse ssh tunnel so that port 10022 on ‘relay’ will be forwarded to port 4000 on ‘remote’.

    Now, it seems that if I create a NoMachine connection on my desktop – call it ‘desktop’ – that connects to ubuntu at a.b.c.d on port 10022, it should be forwarded to port 4000 on ‘remote’.

    I set up NoMachine on ‘remote’ by running /usr/NX/bin/nxplayer and noticed it was using port 4000.  (Seems like maybe I should instead be starting some kind of server.)

    When I try to connect to ‘remote’ from ‘desktop’, the connection times out.

    Maybe I’m making this too complex.  Does NoMachine have a better way of hitting a host behind NAT?  (Nothing outside can initiate a connection to ‘remote’.)  Is my method OK but doing some step wrong?

    I would greatly appreciate any help!



    Additional environment info:

    • NoMachine free version, latest download
    • All hosts: Ubuntu 14.04
    • Physical display


    Please try one of these commands:

    ssh -fN -R YourOfficeIP:10022:localhost:4000 ubuntu@a.b.c.d


    ssh -fN -R *:10022:localhost:4000 ubuntu@a.b.c.d

    In the first command replace ‘YourOfficeIP’ with the IP address of your office, if the IP address of your office is static.

    The second command allows you to connect through SSH tunnel from any address on the Internet.



Viewing 3 posts - 1 through 3 (of 3 total)

This topic was marked as solved, you can't post.