Home
Products
     About SSH
     SSH Features
     Screenshots
     Notifications
     Security
     Customers
     Large scale
Download
     WinSSHD
     Tunnelier
     WRC
Purchase
     Reseller list
     Reseller policy
WinSSHD
     History
     Pricing
     License
     Help
          Users' guide
               Opening
          Printable docs
          Usage FAQ
          Securing WinSSHD
          WinSSHD for SFTP
          Accessing shares
Tunnelier
     History
     Pricing
     License
     Portable
     The 'log' utility
     Help
          How the net works
          Port forwarding guide
          Web browsing over SSH
          Tunnel Remote Desktop
          FTP bridge
          Tunnel file shares
          Tunnel WinVNC
          Tunnelier as service
FlowSsh library
     Documentation
Specifications
Company
     Work at Bitvise
     About us
     Contact

Opening WinSSHD to the internet

WinSSHD is intended to run with minimal configuration after initial installation. However, when installed in a LAN environment, it will not immediately receive connections from the internet by default.

In order to open WinSSHD to the internet, other network components must first be configured. The most prominent such components are the firewall on the machine where WinSSHD is running, and the router on the LAN to which this machine is attached.

Necessary preparation

Before you open WinSSHD to the internet, perform the following important steps:

  • Follow instructions in Connecting for the first time to make sure you are able to connect to WinSSHD from 'localhost'; that is, that you can connect from a client running on the same machine where WinSSHD is installed.
  • Follow instructions in Securing WinSSHD to lock down your settings to a degree where you are comfortable with them. After locking down your settings, use a client installed on the same machine to verify that everything is behaving the way you want.

Only when you are satisfied with the security of your settings, and when your settings work when connecting from 'localhost', open WinSSHD to the internet by:

  • opening the WinSSHD listening port(s) in your firewall, and
  • configuring your router to forward internet connections to the machine where WinSSHD is installed.

WinSSHD 5.06 and later

Since WinSSHD 5.06, you can configure WinSSHD to perform the above tasks automatically.

  • Open the section named "Windows Firewall" in WinSSHD Settings. Change the setting for "SSH ports" to "Open port(s) to any computer". This will automatically open your listening ports in your firewall when WinSSHD is running.
  • Open the section named "Bindings and UPnP" in WinSSHD Settings. Click Edit for the listening port you want to expose. By default, there will be one entry for the publicly known SSH port, 22. Check the setting "Enable UPnP NAT forwarding". This will automatically configure your router to forward internet connections to WinSSHD when WinSSHD is running.

If you have other software or hardware firewalls in addition to the Windows firewall, you will have to configure those firewalls manually.

In order for UPnP NAT forwarding to work, your router must support the Universal Plug and Play standard. Most recent routers do. If yours does not, you will have to configure it manually, too.

WinSSHD 5.05 and earlier

WinSSHD versions prior to 5.06 do not support automatic configuration of the Windows firewall and of routers. For those versions, the Windows firewall and the router have to be configured manually.