Menu
here's my scenario:
I have IP camera behind the company firewall that I want to stream publicly, and for that, I've created two Azure VMs (Ubuntu 19.04) - let's call them vm1 and vm2
In case it's important, my VM SKU is Standard B1s (1 vcpus, 1 GiB memory)
I SSH to my camera and from there, I do a remote port forwarding for RTSP like this:
ssh -R 554:localhost:554 root@<vm1-ip>
And, I guess I need to enable root SSH because it's a "well-known" port.
I log in to vm1, and I see it's listening on the port: sudo netstat -tlnp gives me this:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:554 0.0.0.0:* LISTEN 108748/sshd: root@p
tcp6 0 0 ::1:554 :::* LISTEN 108748/sshd: root@p
But, when I use nmap from from vm2, the port is shown as closed:
nmap <vm1-ip> -p 554
PORT STATE SERVICE
554/tcp closed rtsp
When I use vlc to connect to the stream, it doesn't work either: the URL I use in vlc is: rtsp://<vm1-ip>/...
I thought this might be an issue with the NSG (network security group) associated with vm1, so I tried allowing all inbound traffic:
and, needless to say that it doesn't solve the issue
Any thoughts on this?
Thank you
462
I had the same issue and solved it with enabling the GatewayPorts option on the SSH server configuration file on the Azure VM. This option allows remote hosts to connect to local forwarded ports. By default, it is set to no, which means that only connections from the loopback address (127.0.0.1) are allowed.
To enable the GatewayPorts option, you need to do the following steps:
-R 554:0.0.0.0:554 to bind to any address, or -R 554:127.0.0.1:554 or -R 554:localhost:554 to bind to a specific address.sudo systemctl restart sshd or sudo service sshd restart, depending on your Linux distribution.
163
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
