The Problem:
You want to run a server behind a NAT router or a firewall and it is not possible to configure it to expose the server on the public Internet.
NOTE: for help configuring your NAT router or firewall, please see here.
In this howto we will refer to your server (the one behind the NAT router) as "YourServer", and the publicly accessible host as "PublicHost".
The Solution:
Secure Shell (ssh) Port Forwarding (sometimes referred to as tunneling). This is where connections to a chosen port on a publicly accessible host ("PublicHost") are forwarded to your server ("YourServer") port via a previously setup tunnel.
What you will need
Pre-setup:
When it is time for the forwarding to be active:
At YourServer:
After you have entered a username and password (valid on PublicServer), this should create a tunnel between port 1185 on PublicHost to port 85 on YourServer. When client programs (such as Internet Exporer) attempt to connect to port 1185 on PublicServer they will in fact end up connecting to port 85 on YourServer.
If there are problems include the "verbose" switch ("-v") to increase debug output. Possible problems include:
Test the setup:
Attempt to use you client program to connect to the chosen port on the PublicServer.
For example, to use Internet Explorer to connect to BroadWave normally (using the direct connection):
http://YourServer:85
or, using the setup described above:
http://PublicServer:1185
Secure Shell (ssh) Server setup:
The PublicServer needs a ssh server installed on it. There are several options, some open source and others are commercial offerings. The commercial offerings are generally easier to install and configure and come with technical support. Some commercial options are:
http://www.ssh.com/products/client-server/
http://www.bitvise.com/winsshd
A free option (copSSH) is available here: http://www.itefix.no/i2/copssh
To install and configure copSSH: