Firewall traversal using SSH
Firewall Traversal Using SSH
There is a method of getting around the "NAT issue" with TCP incoming connections, by using ssh.
If you have access to an OpenSSH server (can be anywhere on the net) that has (or you can talk the admin into turning on) ~GatewayPorts, then you can redirect 6881 inbound to your Azureus client. This should work even if you're NATing your own network, or behind a denyall fireway and forced to use a SOCKS server. Should also work on all platforms.
When setting up your SSH connection to the server, you want to setup "remote port forwarding"; in openssh that's the -R flag: example: ssh -R 6881:localhost:6881 email@example.com
If you're using a windows box, a few things to note:
- Windows doesn't seem to include 127.0.0.1 when binding to 0.0.0.0. So in Azureus' Options, set the Bind port to 127.0.0.1. I haven't tested in Linux, but this shouldn't be a problem.
To configure the client:
- in the Options panel, under transfer, allow multiple connections from same IP, as all inbound connections appear to come from 127.0.0.1 to the client
- in Options, Connection, Override Options, configure the IP/port you will be useing on your SSH sever
Some things to note about SecureCRT:
- if you're trying to use SecureCRT, I recommend installing cygwin, and use OpenSSH instead. SecureCRT seems to die after so many inbound connections are opened.
If you're going to use secureCRT anyway, you will need to open up the inbound filter. By default, remote connections are only allowed from the remote's loopback IP. You will need to modify your profile .ini file to allow all IPs; "0.0.0.0/0.0.0.0,0"
Read the Azureus FAQ