SSH tunneling is blocked only when at work and only when connected to VPN

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I would like to be able to ssh tunnel into a machine that is connected to a VPN at work.



Setup




  • Machine A - Creates the SSH tunnel in Machine B


  • Machine B - Connects to the work VPN

Situation



╒═════════╤══════════════╤═════════════════════╤══════════════╤═════════════════════╕
│ │ Work Network │ Work Network on VPN │ Home network │ Home network on VPN │
├─────────┼──────────────┼─────────────────────┼──────────────┼─────────────────────┤
│ Can SSH │ Yes │ No │ Yes │ Yes │
╘═════════╧══════════════╧═════════════════════╧══════════════╧═════════════════════


As you can see. It is not the VPN that is blocking my being able to ssh into Machine B as I am able to connect to the VPN on the same machine at home. So it is the work network that is blocking this but ONLY when I am connected to the VPN.



I am changed the ssh port to 2222 and 17832 but this made little difference, once connected to the VPN the connect will time out.



I am confused, is it possible that at work they block ssh tunneling but only when somebody is connected to the VPN?







share|improve this question





















  • It is pretty difficult to understand what you want to do, could you rephrase? A possible answer as far as I understood: there could be a firewall at your company, which blocks some ports.
    – jue
    Jun 22 at 11:24










  • I think to sum up :) and sorry its confusing. When I am at home with the same laptop. I connect to our work VPN and then I can tunnel into that machine successfully. When I am at work and i use the same machine and connect to the same VPN, I am unable to ssh tunnel in.
    – Jamie Hutber
    Jun 22 at 13:56










  • I have updated the question Jue... I hope it is more clear now?
    – Jamie Hutber
    Jun 22 at 14:20















up vote
0
down vote

favorite












I would like to be able to ssh tunnel into a machine that is connected to a VPN at work.



Setup




  • Machine A - Creates the SSH tunnel in Machine B


  • Machine B - Connects to the work VPN

Situation



╒═════════╤══════════════╤═════════════════════╤══════════════╤═════════════════════╕
│ │ Work Network │ Work Network on VPN │ Home network │ Home network on VPN │
├─────────┼──────────────┼─────────────────────┼──────────────┼─────────────────────┤
│ Can SSH │ Yes │ No │ Yes │ Yes │
╘═════════╧══════════════╧═════════════════════╧══════════════╧═════════════════════


As you can see. It is not the VPN that is blocking my being able to ssh into Machine B as I am able to connect to the VPN on the same machine at home. So it is the work network that is blocking this but ONLY when I am connected to the VPN.



I am changed the ssh port to 2222 and 17832 but this made little difference, once connected to the VPN the connect will time out.



I am confused, is it possible that at work they block ssh tunneling but only when somebody is connected to the VPN?







share|improve this question





















  • It is pretty difficult to understand what you want to do, could you rephrase? A possible answer as far as I understood: there could be a firewall at your company, which blocks some ports.
    – jue
    Jun 22 at 11:24










  • I think to sum up :) and sorry its confusing. When I am at home with the same laptop. I connect to our work VPN and then I can tunnel into that machine successfully. When I am at work and i use the same machine and connect to the same VPN, I am unable to ssh tunnel in.
    – Jamie Hutber
    Jun 22 at 13:56










  • I have updated the question Jue... I hope it is more clear now?
    – Jamie Hutber
    Jun 22 at 14:20













up vote
0
down vote

favorite









up vote
0
down vote

favorite











I would like to be able to ssh tunnel into a machine that is connected to a VPN at work.



Setup




  • Machine A - Creates the SSH tunnel in Machine B


  • Machine B - Connects to the work VPN

Situation



╒═════════╤══════════════╤═════════════════════╤══════════════╤═════════════════════╕
│ │ Work Network │ Work Network on VPN │ Home network │ Home network on VPN │
├─────────┼──────────────┼─────────────────────┼──────────────┼─────────────────────┤
│ Can SSH │ Yes │ No │ Yes │ Yes │
╘═════════╧══════════════╧═════════════════════╧══════════════╧═════════════════════


As you can see. It is not the VPN that is blocking my being able to ssh into Machine B as I am able to connect to the VPN on the same machine at home. So it is the work network that is blocking this but ONLY when I am connected to the VPN.



I am changed the ssh port to 2222 and 17832 but this made little difference, once connected to the VPN the connect will time out.



I am confused, is it possible that at work they block ssh tunneling but only when somebody is connected to the VPN?







share|improve this question













I would like to be able to ssh tunnel into a machine that is connected to a VPN at work.



Setup




  • Machine A - Creates the SSH tunnel in Machine B


  • Machine B - Connects to the work VPN

Situation



╒═════════╤══════════════╤═════════════════════╤══════════════╤═════════════════════╕
│ │ Work Network │ Work Network on VPN │ Home network │ Home network on VPN │
├─────────┼──────────────┼─────────────────────┼──────────────┼─────────────────────┤
│ Can SSH │ Yes │ No │ Yes │ Yes │
╘═════════╧══════════════╧═════════════════════╧══════════════╧═════════════════════


As you can see. It is not the VPN that is blocking my being able to ssh into Machine B as I am able to connect to the VPN on the same machine at home. So it is the work network that is blocking this but ONLY when I am connected to the VPN.



I am changed the ssh port to 2222 and 17832 but this made little difference, once connected to the VPN the connect will time out.



I am confused, is it possible that at work they block ssh tunneling but only when somebody is connected to the VPN?









share|improve this question












share|improve this question




share|improve this question








edited Jun 22 at 14:21
























asked Jun 21 at 22:22









Jamie Hutber

931212




931212











  • It is pretty difficult to understand what you want to do, could you rephrase? A possible answer as far as I understood: there could be a firewall at your company, which blocks some ports.
    – jue
    Jun 22 at 11:24










  • I think to sum up :) and sorry its confusing. When I am at home with the same laptop. I connect to our work VPN and then I can tunnel into that machine successfully. When I am at work and i use the same machine and connect to the same VPN, I am unable to ssh tunnel in.
    – Jamie Hutber
    Jun 22 at 13:56










  • I have updated the question Jue... I hope it is more clear now?
    – Jamie Hutber
    Jun 22 at 14:20

















  • It is pretty difficult to understand what you want to do, could you rephrase? A possible answer as far as I understood: there could be a firewall at your company, which blocks some ports.
    – jue
    Jun 22 at 11:24










  • I think to sum up :) and sorry its confusing. When I am at home with the same laptop. I connect to our work VPN and then I can tunnel into that machine successfully. When I am at work and i use the same machine and connect to the same VPN, I am unable to ssh tunnel in.
    – Jamie Hutber
    Jun 22 at 13:56










  • I have updated the question Jue... I hope it is more clear now?
    – Jamie Hutber
    Jun 22 at 14:20
















It is pretty difficult to understand what you want to do, could you rephrase? A possible answer as far as I understood: there could be a firewall at your company, which blocks some ports.
– jue
Jun 22 at 11:24




It is pretty difficult to understand what you want to do, could you rephrase? A possible answer as far as I understood: there could be a firewall at your company, which blocks some ports.
– jue
Jun 22 at 11:24












I think to sum up :) and sorry its confusing. When I am at home with the same laptop. I connect to our work VPN and then I can tunnel into that machine successfully. When I am at work and i use the same machine and connect to the same VPN, I am unable to ssh tunnel in.
– Jamie Hutber
Jun 22 at 13:56




I think to sum up :) and sorry its confusing. When I am at home with the same laptop. I connect to our work VPN and then I can tunnel into that machine successfully. When I am at work and i use the same machine and connect to the same VPN, I am unable to ssh tunnel in.
– Jamie Hutber
Jun 22 at 13:56












I have updated the question Jue... I hope it is more clear now?
– Jamie Hutber
Jun 22 at 14:20





I have updated the question Jue... I hope it is more clear now?
– Jamie Hutber
Jun 22 at 14:20











1 Answer
1






active

oldest

votes

















up vote
1
down vote













Depending on the VPN technology on question and client software, and especially in Corporate settings, VPNs usually install network routes diverting the usual flow of traffic.



Often they can also download firewalling policies that forbid you doing pretty much anything besides the intended use of connecting to the resources behind the VPN while the VPN is active for security reasons - namely using the VPN client as a jump hop/tunnel to another networks.



So the problem you are facing, could well be and most probably is a setup intentionally done by design. Other than that, I would advise talking with your local network team, they can give you far much more concrete answers than here.






share|improve this answer





















  • Thanks Rui, its as I feared then. What gets me most though is that at home I am able to ssh and tunnel, exactly how I would like to. So its 100% NOT the VPN that is the problem.
    – Jamie Hutber
    Jun 22 at 14:51










  • Policies can also be different from where you connect to the VPN, and often in corporate wifi you cannot connect from one client to the other. With the kind of details you give we can only speculate about the standard practices in the industry.
    – Rui F Ribeiro
    Jun 22 at 14:53







  • 1




    Well I work for a bank :) So indeed they can have more than one policy for the same network depending if you on the VPN or not basically. If this is possible, then yes I believe they will have blocked SSH.
    – Jamie Hutber
    Jun 22 at 15:03










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);








 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f451200%2fssh-tunneling-is-blocked-only-when-at-work-and-only-when-connected-to-vpn%23new-answer', 'question_page');

);

Post as a guest






























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
1
down vote













Depending on the VPN technology on question and client software, and especially in Corporate settings, VPNs usually install network routes diverting the usual flow of traffic.



Often they can also download firewalling policies that forbid you doing pretty much anything besides the intended use of connecting to the resources behind the VPN while the VPN is active for security reasons - namely using the VPN client as a jump hop/tunnel to another networks.



So the problem you are facing, could well be and most probably is a setup intentionally done by design. Other than that, I would advise talking with your local network team, they can give you far much more concrete answers than here.






share|improve this answer





















  • Thanks Rui, its as I feared then. What gets me most though is that at home I am able to ssh and tunnel, exactly how I would like to. So its 100% NOT the VPN that is the problem.
    – Jamie Hutber
    Jun 22 at 14:51










  • Policies can also be different from where you connect to the VPN, and often in corporate wifi you cannot connect from one client to the other. With the kind of details you give we can only speculate about the standard practices in the industry.
    – Rui F Ribeiro
    Jun 22 at 14:53







  • 1




    Well I work for a bank :) So indeed they can have more than one policy for the same network depending if you on the VPN or not basically. If this is possible, then yes I believe they will have blocked SSH.
    – Jamie Hutber
    Jun 22 at 15:03














up vote
1
down vote













Depending on the VPN technology on question and client software, and especially in Corporate settings, VPNs usually install network routes diverting the usual flow of traffic.



Often they can also download firewalling policies that forbid you doing pretty much anything besides the intended use of connecting to the resources behind the VPN while the VPN is active for security reasons - namely using the VPN client as a jump hop/tunnel to another networks.



So the problem you are facing, could well be and most probably is a setup intentionally done by design. Other than that, I would advise talking with your local network team, they can give you far much more concrete answers than here.






share|improve this answer





















  • Thanks Rui, its as I feared then. What gets me most though is that at home I am able to ssh and tunnel, exactly how I would like to. So its 100% NOT the VPN that is the problem.
    – Jamie Hutber
    Jun 22 at 14:51










  • Policies can also be different from where you connect to the VPN, and often in corporate wifi you cannot connect from one client to the other. With the kind of details you give we can only speculate about the standard practices in the industry.
    – Rui F Ribeiro
    Jun 22 at 14:53







  • 1




    Well I work for a bank :) So indeed they can have more than one policy for the same network depending if you on the VPN or not basically. If this is possible, then yes I believe they will have blocked SSH.
    – Jamie Hutber
    Jun 22 at 15:03












up vote
1
down vote










up vote
1
down vote









Depending on the VPN technology on question and client software, and especially in Corporate settings, VPNs usually install network routes diverting the usual flow of traffic.



Often they can also download firewalling policies that forbid you doing pretty much anything besides the intended use of connecting to the resources behind the VPN while the VPN is active for security reasons - namely using the VPN client as a jump hop/tunnel to another networks.



So the problem you are facing, could well be and most probably is a setup intentionally done by design. Other than that, I would advise talking with your local network team, they can give you far much more concrete answers than here.






share|improve this answer













Depending on the VPN technology on question and client software, and especially in Corporate settings, VPNs usually install network routes diverting the usual flow of traffic.



Often they can also download firewalling policies that forbid you doing pretty much anything besides the intended use of connecting to the resources behind the VPN while the VPN is active for security reasons - namely using the VPN client as a jump hop/tunnel to another networks.



So the problem you are facing, could well be and most probably is a setup intentionally done by design. Other than that, I would advise talking with your local network team, they can give you far much more concrete answers than here.







share|improve this answer













share|improve this answer



share|improve this answer











answered Jun 22 at 14:50









Rui F Ribeiro

34.3k1268113




34.3k1268113











  • Thanks Rui, its as I feared then. What gets me most though is that at home I am able to ssh and tunnel, exactly how I would like to. So its 100% NOT the VPN that is the problem.
    – Jamie Hutber
    Jun 22 at 14:51










  • Policies can also be different from where you connect to the VPN, and often in corporate wifi you cannot connect from one client to the other. With the kind of details you give we can only speculate about the standard practices in the industry.
    – Rui F Ribeiro
    Jun 22 at 14:53







  • 1




    Well I work for a bank :) So indeed they can have more than one policy for the same network depending if you on the VPN or not basically. If this is possible, then yes I believe they will have blocked SSH.
    – Jamie Hutber
    Jun 22 at 15:03
















  • Thanks Rui, its as I feared then. What gets me most though is that at home I am able to ssh and tunnel, exactly how I would like to. So its 100% NOT the VPN that is the problem.
    – Jamie Hutber
    Jun 22 at 14:51










  • Policies can also be different from where you connect to the VPN, and often in corporate wifi you cannot connect from one client to the other. With the kind of details you give we can only speculate about the standard practices in the industry.
    – Rui F Ribeiro
    Jun 22 at 14:53







  • 1




    Well I work for a bank :) So indeed they can have more than one policy for the same network depending if you on the VPN or not basically. If this is possible, then yes I believe they will have blocked SSH.
    – Jamie Hutber
    Jun 22 at 15:03















Thanks Rui, its as I feared then. What gets me most though is that at home I am able to ssh and tunnel, exactly how I would like to. So its 100% NOT the VPN that is the problem.
– Jamie Hutber
Jun 22 at 14:51




Thanks Rui, its as I feared then. What gets me most though is that at home I am able to ssh and tunnel, exactly how I would like to. So its 100% NOT the VPN that is the problem.
– Jamie Hutber
Jun 22 at 14:51












Policies can also be different from where you connect to the VPN, and often in corporate wifi you cannot connect from one client to the other. With the kind of details you give we can only speculate about the standard practices in the industry.
– Rui F Ribeiro
Jun 22 at 14:53





Policies can also be different from where you connect to the VPN, and often in corporate wifi you cannot connect from one client to the other. With the kind of details you give we can only speculate about the standard practices in the industry.
– Rui F Ribeiro
Jun 22 at 14:53





1




1




Well I work for a bank :) So indeed they can have more than one policy for the same network depending if you on the VPN or not basically. If this is possible, then yes I believe they will have blocked SSH.
– Jamie Hutber
Jun 22 at 15:03




Well I work for a bank :) So indeed they can have more than one policy for the same network depending if you on the VPN or not basically. If this is possible, then yes I believe they will have blocked SSH.
– Jamie Hutber
Jun 22 at 15:03












 

draft saved


draft discarded


























 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f451200%2fssh-tunneling-is-blocked-only-when-at-work-and-only-when-connected-to-vpn%23new-answer', 'question_page');

);

Post as a guest













































































Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?