Secure Shell, SOA Suite 12c

SSH Tunnel to access a remote server

Recently we started developing an SOA integration with SAP. The problem we were facing was that the servers where the Web Services from SAP were exposed, were only accesible from the machines where the SOA Suite was installed, but not from our local machines. Although we had access to the SOA servers from our computers, running a test was impossible to achieve:

failed-remote-server-access

At some point the validation/testing process became really tedious and complicated. That was when we thought about doing an SSH Tunnel. It would basically allow us to access the remote server (SAP) from our local machines through a “tunnel” and then be able to open the WSDL definitions on our browsers, directly test them on SoapUI, or whatever we might needed to do.

ssh-tunneling

The “easiest” way to do this, is with existing software like MobaXterm for Windows, or SSH Tunnel Manager for Mac. We only need to enter the required parameters and they will do it for us.

MobaXterm

mobaxterm-ssh-tunnel-config

SSH Tunnel Manager

ssh-tunnel-manager-config

 

In both cases the information to be completed is pretty straightforward, and that’s what makes it so simple. Once the connection is established, we would be able to get access.

The other way to do it is through a terminal. This is basically an ssh command, with a few more parameters to set. On windows it can be done from a local MobaXterm tab, or the Linux Bash Shell added on the Windows 10’s Anniversary Update, and from the regular terminal on OS X o Linux. The structure of the command would be something like the following:

ssh -N -p [ssh-server-port] [user-login]@[ssh-server-host] -L [local-port]:[remote-server-host]:[remote-server-port]

Replacing the text in the brackets with our actual values, it would look like this:

ssh -N -p 22 oracle@192.168.35.200 -L 10500:172.19.132.34:50000

Where:

-N     Do not execute a remote command. Commonly used for port forwarding.

-p     Port to connect to on the ssh server.

-L     Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.

In my case, I’m on OS X, so the way for me to run was on terminal.

ssh-tunnel-with-terminal

We would be asked for the ssh server password, and once it’s on, it would hang in there until we manually kill the process.

In any of the cases, once the connection is established, we would be able to access the remote server (172.x.x.x:50000) from our local browser through localhost and the port specified (10500):

remote-server-access-explorer-ssh-tunnel

Running a test on SoapUI was possible too:

remote-server-test-soap-ui-ssh-tunnel

This actually saved us a lot of time and made things a whole lot easier. Hope it does for you too.

Standard