Skip to content Skip to navigation

List of Services and Ports for SSH Tunnels

By Hanz Makmur - LCSR Computing Facility Rutgers University

 

Modified Feb 7, 2003

 

SSH Tunneling works practically on all TCP services. Following the tunneling instruction on AppleShareIP or Windows Fileservers, we can also securely access insecure TCP services sitting behind firewall.

 

The table below lists some of the most common Services and Ports that are used for common programs.

 

List of Common Services

 

Service Name

Ports

Accessing the Tunnel via: 127.0.0.1

FTP

21

Ftp Server: 127.0.0.1

Telnet

23

Telnet: 127.0.0.1

SMTP

25

SMTP or Outgoing Mail server: 127.0.01

Webserver

80

http://127.0.0.1

POP3

110

Incoming POP3 Mail server: 127.0.0.1

NNTP

119

Netnews Server: 127.0.0.1

SMB

139

Windows Fileserver: \\127.0.0.1\volume_name

IMAP

143

Incoming IMAP Mail Server: 127.0.0.1

AFP

548

AppleShare Server IP: 127.0.0.1

Filemaker

5003

Filemaker Server: 127.0.0.1

VNC

5900

VNC Server: 127.0.0.1

 

By using the port number from the service table, you can tunnel the service so you can access it from outside a firewall. Setting up the tunnel for each service depends on the type of operating software used to create the tunnel. Below you will find examples of settings for Windows Secure Shell Client and MacOS X or Linux built in ssh program. You will also see examples on how to access a service once the tunnel is established.

 

If you will like to see more detailed examples see: /resources/using-ssh-tunnels-vpn-run-services-behind-firewall

 

Example of entries for Windows running Secure Shell Client:

 

For Windows users, Secure Shell Client Outgoing Tunnel entries will look like the following for a webserver with a listen port set to port 8080. With this setting, you will access the webserver via http://127.0.0.1:8080

 

 

Below, you will find more examples of entries you can use to connect to other different services and what to enter tunnel parameters for specific service.

 


Table of entries for WindowsOS Secure Shell Client

 

Display Name

Type

Listen Port

Destination Port

Destination Host

FTP

TCP

21

21

ftp_server, ex:: ftp.rutgers.edu

Telnet

TCP

23

23

telnet_server, ex:: eden.rutgers.edu

SMTP

TCP

25

25

mail_server, ex:: mail.eden.rutgers.edu

Webserver

TCP

80

80

web_server, ex:: www.rutgers.edu

POP3

TCP

110

110

mail_server, ex:: mail.eden.rutgers.edu

NNTP

TCP

119

119

news_server, ex:: news-nb.rutgers.edu

SMB

TCP

139

139

ms_fileserver, ex:: server.rutgers.edu

IMAP

TCP

143

143

mail_server, ex:: mail.rutgers.edu

AppleShare

TCP

548

548

appleshare_server, ex:: myshare.rutgers.edu

Timbuktu

TCP

407

407

timbuktu_server, ex:: headless.rutgers.edu

Filemaker

TCP

5003

5003

database_server, ex:: database.rutgers.edu

VNC

TCP

5900

5900

vnc_server, ex:: my_office_pc.rutgers.edu

 

 

Table of command in MacOS X and Linux

 

Service Name

Port

SSH Command Executed from home_machine

FTP

21

ssh -N -L 21:ftp_server:21 username@rci.rutgers.edu

Telnet

23

ssh -N -L 23:telnet_server:23 username@rci.rutgers.edu

SMTP

25

ssh -N -L 25:mail_server:25 username@rci.rutgers.edu

Webserver

80

ssh -N -L 80:web_server:80 username@rci.rutgers.edu

POP3

110

ssh -N -L 110:mail_server:110 username@rci.rutgers.edu

NNTP

119

ssh -N -L 119:news_server:119 username@rci.rutgers.edu

SMB

139

ssh -N -L 139:ms_fileserver:139 username@rci.rutgers.edu

IMAP

143

ssh -N -L 143:imap_server:143 username@rci.rutgers.edu

AppleShare

548

ssh -N -L 548:office_server:548 username@rci.rutgers.edu

Timbuktu

407

ssh -N -L 407:timbuktu_server:407 username@rci.rutgers.edu

Filemaker

5003

ssh -N -L 5003:db_server:5003 username@rci.rutgers.edu

VNC

5900

ssh -N -L 5900:vnc_server:5900 username@rci.rutgers.edu

 

Note the bold port number can be set to a different number, however this could cause problems with the client. Because some clients always use a specific port number, only change this port number if you know the client software can use different port numbers or to avoid conflict with services already running on the local computer. For example, if the listen port number is changed for the AppleShare server to 5480, to access the server you will have to enter: 127.0.0.1:5480.

 

For complete official port number list see http://www.iana.org/assignments/port-numbers

 

If you have any questions, please contact HelpDesk