I’m trying to setup a secure connection so I can browse the internet on various Windows machines, but have my internet traffic go through my home connection. Setting up an OpenVPN server at home would be overkill for this, plus, I may not have access to install the OpenVPN software on some machines. Instead, I’m going to setup an SSH tunnel, sometimes called a poor man’s VPN. I’ll use PuTTY to create the tunnel, then proxy all traffic through it using Firefox. This way, Firefox traffic will go to my home router, while traffic from another browser (e.g., Chrome, IE, etc..) will go through my local connection.
Setup your home/remote network
First, you’ll need to make sure you can access your home/remote network via SSH from the internet. I won’t cover that in detail here, but if you’re using OpenWRT, you can use the commands below to create a firewall rule, changing the port as needed.
uci add firewall rule uci set firewall.@rule[-1].name='ssh tunnel' uci set firewall.@rule[-1].src='wan' uci set firewall.@rule[-1].dest_port='1234' uci set firewall.@rule[-1].target='ACCEPT' uci set firewall.@rule[-1].proto='tcp' uci commit firewall /etc/init.d/firewall restart
It would also be helpful to have dynamic DNS setup, in case your home/remote ISP changes your IP on a regular interval.
Now, you’ll need PuTTY. I recommend the stand-alone executable, in the event you don’t have rights to install software.
When you lauch PuTTY, enter your DDNS name (or home/remote IP), TCP port, and session name, as shown below.
In the left side of the window, navigate to Connection, then SSH, then Tunnels. In the Source Port box, enter a TCP port on your machine is that is not being used (e.g., 9870). Select Dynamic and Auto, then click Add.
In the left side of the window, navigate back to Session, then click Save to save your setup.
Next, we’ll configure Firefox to use SSH. Navigate to Tools, then Options, then Advanced, then Network, then Connection Settings.
In the Connection Settings window, select Manual proxy configuration, and enter 127.0.0.1 in the SOCKS Host field and your port in the Port field. Make sure that SOCKS5 and Remote DNS are enabled.
Test your connection
In Firefox, try to navigate to www.google.com. If you setup everything correctly, it should timeout with the error below (since your tunnel is down).
Now, load your saved SSH tunnel session in PuTTY, connect to your home/remote network, and refresh the page in Firefox. It should load now, since your tunnel is up.
Let me know how it goes!