Overview
This article will provide you with the necessary steps to help secure your web browsing through a SOCKS 5 Proxy Tunnel at RPI. By using this Tunnel, you will be able to use RPI's remote access servers to access the internet. This is especially useful if you are remoting in from outside the United States that has restrictions on certain websites needed for RPI work.
Procedures
Connect to RPI's VPN
If you need assistance installing and/or connecting to RPI's VPN, please click here.
Install SecureCRT
RPI provides a license for SecureCRT to all RPI staff, students, and faculty. If you haven't already installed SecureCRT, please click here.
Note: You will need to request a license for this software before installing it.
Configuring Secure CRT
1. Open SecureCRT.
2. Unless the New session popup window already appeared on your screen, you will need to click on the "+" icon underneath the Session Manager in the top-left corner of the SecureCRT Window.
Note: I will not be using the wizard in this article.
[Selected plus icon in SecureCRT's Session Manager]
3. In the Session Options - New popup window's Connection section. The Name: of the session can be anything you want it to be. For this example I will be naming the session, RPI Proxy. For Protocol:, select SSH2 in the drop-down menu associated with it.
[In connection section, created name for connection and selected SSH2 protocol]
4. In the Session Options - New popup window's SSH2 section. For Hostname:, please type in any of the following options bellow:
- rcs-linux1.rpi.edu
- rcs-linux2.rpi.edu
- rcs-linux3.rpi.edu
5. For Port:, type in 22.
[In SSH2 section, typed in remote access server as Hostname, and typed in 22 for Port]
6. In the Session Options - New popup window's Port Forwarding section. Click on the Add... button.
[Selected Add button in the Port Forwarding section]
7. In the Local Port Forwarding Properties popup window. Create a name for your forward connection. For Port:, pick a number between 1025-65536. Check off the box for Dynamic forwarding using SOCKS 4 or 5. Then, click the OK button.
[In Port Forwarding Properties, new name was typed in, port 1337 was typed in, and Dynamic forwarding was checked]
9.)You will now see your new forward connection in the white box associated with Locally forwarded connections. Click the OK button.
[OK button was selected in the Port Forwarding section]
10. You should now see your new session in the Session Manager in the top-left corner of the SecureCRT window. Double-click on your session.
[RPI Proxy was selected in the Session Manager]
11. You will then see a popup window appear with regards to a New Host Key. Click the Accept & Save button.
12. Next, you will be prompted to type in a Username. Your username is your RCS ID.
13.) Then type in your RCS password when prompted for a Password.
14.) You should then see a small green check-mark indicating that you have successfully logged into the Remote Access Server. If you did not connect to the server, please contact the Help Desk.
[Green check mark indicates that the client is connected to the Remote Access Server]
15.) Minimize the SecureCRT screen. Do not disconnect!
Configuring Firefox to Use the Tunnel
1. Open Mozilla Firefox.
2. In the upper right-hand corner, click on the "hamburger" icon to access Firefox’s menu, and then click on Options ("gear" Icon):
["Hamburger" icon was selected, then Options was selected]
3.) In the Options popup menu, select Advanced, and then click on the Settings... button associated with Connection.
[In Advanced settings, the Connection settings button was clicked.]
4.) In the Connection Settings window, check the circle for Manual proxy configuration:, type in localhost in the text box associated with SOCKS Host:, type in the port number that you assigned for your forward connection in SecureCRT, and check the circle for SOCKS v5.
[In manual proxy configuration settings, localhost was typed in for SOCKS host, port 1337 was typed in, and SOCKS v5 was selected]
5.) Click the OK button. Now try opening up browser in Mozilla and see if you can connect to Google. As long as you didn't disconnect from the server on SecureCRT, you should be able to connect to Google. If you are not able to connect to google, please contact the Help Desk.
Note: Please remember to disable these settings if you disconnect from the Remote Access Server. If you do not, you will get a proxy error message, and will not be able to connect to the internet. To disconnect, simply go back into the Connection Settings, check the circle for No Proxy, and click the OK button. Mozilla will save your settings, so if you ever need to use the tunnel again you can simply recheck the circle for Manual proxy configuration: and click the OK button.
Configuring Chrome to Use the Tunnel
1. Open Chrome
2. In the top-right corner of your screen, click the "three dot vertical" symbol, hover the mouse over More tools in the drop-down, and then click on Extensions in the next drop-down menu.
[Extensions was selected in the more tools section of Chrome's customize and control options]
3. In the top-left corner of the screen click on the "hamburger" symbol next the the word Extensions. Another popup left-side menu will appear on the screen. Click on the Open Chrome Web Store option at the bottom of the menu.
[Open Chrome Web Store was selected in the Extension menu]
4. In the search bar near the top-left corner of the screen, type in SOCKS proxy, and hit <Enter>. In the image below you will see the extension I selected to add to chrome.
[SOCKS proxy extension was added to chrome after Socks Proxy was typed in the web store's search bar]
5. Once you add this extension to chrome you will then see a "sock" icon appear near the top-right corner of your screen. Right-click on the sock and select Options from the drop-down menu.
[Options was selected in the SOCKS proxy drop-down menu]
6. You will then be brought to a new tab and be prompted to type in a proxy port number. Type in the port number you used for your forward connection when configuring SecureCRT to the remote access server and click the Save button.
[1137 was typed in for SOCKS proxy port option]
7. You can now exit out of that tab. Right-click on the "sock" icon again and click on the Use localhost: **** SOCKS proxy option. As long as you are connected to the remote access server via SecureCRT, this connection will work.
[Use localhost: 1337 SOCKS proxy was selected in the SOCKS proxy drop-down menu]
8. After activating the SOCKS proxy you will then see a green rectangular symbol stating that it's on. You can now use the proxy to start browsing the web. Please contact the Help Desk if you run into any problems.
[Green rectangular on icon indicating that the proxy is on and working]
9. To deactivate the SOCKS proxy, simply right-click on the "sock" icon, and select the Use localhost: **** SOCKS proxy option. This extension will save the port info that you typed in to make things easy when you need to use the proxy again.
Note: You must be connected to the Remote Access Server before turning on the proxy. You will be unable to browse the web if you are not connected.
References
VPN Connection and Installation
SecureCRT Installation Instructions for Windows
RCS and Computer Science Remote Access Servers
Comments
0 comments
Article is closed for comments.