This post shows how to do set up a port tunnel using the PuTTY SSH client on Windows. I don’t normally use Windows myself but on occasion need to use the SQL Server Management Studio to connect to a server on an unreachable internal network, but can connect to a Linux server that sits within that network. By port forwarding with PuTTY, I can use Management Studio to connect to the normally unreachable SQL Server.
PuTTY SSH Client
PuTTY is a freely available SSH and Telnet client for Windows. PuTTY and a variety of other useful tools can be downloaded from the official website here.
Creating an SSH tunnel with PuTTY
Open up the "SSH" option in the category pane in PuTTY and then select the "Tunnels" option as shown in the screenshot below.
The highlighted section on the right shows the already created tunnels and below that another tunnel which is about to be created.
Example servers
The SSH server we’re going to connect to is at 172.16.241.1, and we want to create tunnel from port 1435 on the local machine to 1433 on the server at 10.10.1.143. 10.10.1.143 is accessible from 172.16.241.1 but not from our local machine.
Creating a new SSH tunnel
To add a tunnel, enter a port number into the "source port" field (1435 in our example); this is the port on the local machine you will connect to. Then enter the destination IP address (10.10.1.143), followed by a colon then the port number (1433). Then click the "Add" button and it will be added to the list of tunnels.
Once you have connected to the SSH server (172.16.241.1), connecting to 127.0.0.1 on port 1435 will actually connect you to 10.10.1.143 on port 1433 via the SSH server.
Note that the source port needs to be available on your local machine (i.e. not used by an already running service) and the destination must be accessible from the SSH server for this to work.
Removing an existing SSH tunnel
To remove an existing SSH tunnel simply click it in the list of forwarded ports and click the "Remove" button.
Creating multiple SSH tunnels
You can create multiple SSH tunnels which I have done in the example screenshot above. Just make sure that each source port is unique. In the above example, we are connecting to multiple SQL Servers (1433 is the default SQL Server port) using a different source port for each.
We’d connect to
– 127.0.0.1 on 1433 to get to 10.10.1.141
– 127.0.0.1 on 1434 to get to 10.10.1.142
– 127.0.0.1 on 1435 to get to 10.10.1.143