Providing security is essential today. Many popular protocols deployed on the Internet were designed in its early stages, so security, data confidentiality, integrity, encryption and data transmission are the biggest issues.
For example, HTTP, SSH, telnet and FTP: these protocols are not secure because they are cleartext protocols; they were completely replaced by more sophisticated protocols such as POP3 over SSL/TLS, SMTPS, telnet over SSL/TLS and FTPS. But large companies had already implemented FTP and telnet services and were using them across their organizations. They cannot afford the large cost of replacing FTP and telnet, so they use tunneling to provide security for those insecure protocols.
“Tunneling” uses a secure protocol to exchange data securely between insecure protocols. It allows private network communications to be sent across a public network, such as the Internet, through a process called encapsulation. It is also known as “port forwarding”. Virtual Private Network (VPN) technology is based on the idea of tunneling.
We should enable port forwarding in the router so that we can access the services securely from the Internet. This can be done by following the steps below.
1. The router has two interfaces: one has the public IP (206.96.XX.XX) and the other is for private (internal) IPs, so that we can connect many systems to the same router and they get private IPs like 192.168.1.2, 192.168.1.3 and so on.
2. All requests from the internal systems to the Internet go out from the public IP of the router, as shown below.
3. There are 3 systems connected to the router, each with a unique private IP address. Whenever an internal system makes a request to the Internet, they all use the same public IP of the router, i.e. 206.96.XX.XX, with a non-reserved port number to distinguish the request from other internal systems' requests.
In the same way, we can access internal systems or services by port forwarding in the router, as shown in the diagram below.
We can then access the HTTP, FTP and SSH services from an outside network as well, simply by specifying the router's public IP with the port number of the service for which you have already enabled port forwarding in the router.
In our example, traffic arriving at 206.96.XX.XX on port 80 is forwarded to 192.168.1.5, because 192.168.1.5 is the web server that handles HTTP traffic.
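The translation described in steps 1 to 3 and the port-80 forward can be modelled as two lookup tables. This is an added example, not code from the original article: the `Router` class and its method names are hypothetical, `203.0.113.10` is a constructed stand-in for the masked public IP, and the model is simplified (a real router also tracks the remote endpoint and protocol of each session).

```python
import itertools

PUBLIC_IP = "203.0.113.10"  # constructed stand-in for 206.96.XX.XX on the page

class Router:
    """Toy model of a router doing port address translation (assumed design)."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.forwards = {}   # public port -> (private ip, port), set by the admin
        self.sessions = {}   # public port -> (private ip, port), made by outbound traffic
        self._ports = itertools.count(49152)  # non-reserved (ephemeral) ports

    def add_forward(self, public_port, private_ip, private_port):
        """Static port-forwarding rule, e.g. 80 -> 192.168.1.5:80."""
        self.forwards[public_port] = (private_ip, private_port)

    def outbound(self, src_ip, src_port):
        """Internal host talks to the internet: source becomes the public IP."""
        for port, owner in self.sessions.items():
            if owner == (src_ip, src_port):
                return self.public_ip, port   # reuse the existing mapping
        port = next(self._ports)
        self.sessions[port] = (src_ip, src_port)
        return self.public_ip, port

    def inbound(self, dst_port):
        """Packet arrives on the public IP: decide which internal host gets it."""
        if dst_port in self.sessions:         # reply to an outbound request
            return self.sessions[dst_port]
        if dst_port in self.forwards:         # admin-configured port forward
            return self.forwards[dst_port]
        return None                           # no mapping: packet is dropped

def demo():
    r = Router(PUBLIC_IP)
    r.add_forward(80, "192.168.1.5", 80)      # the article's web-server rule
    a = r.outbound("192.168.1.2", 51000)
    b = r.outbound("192.168.1.3", 51000)      # same source port, different host
    return {"a": a, "b": b,
            "reply_a": r.inbound(a[1]),       # reply finds its way back to .2
            "web": r.inbound(80),             # forwarded to the web server
            "ssh": r.inbound(22)}             # never forwarded, so unreachable

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Each rule added with `add_forward` is a service reachable from the Internet, so the forward table is the list of what the router exposes and is the thing to review when auditing it.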
The above scenario gives a clear idea of how to configure port forwarding in a router and how it works. In a similar way, we can access mail servers and any confidential data by using an SSH tunnel.