Hello,
My company is using a palo alto firewall which replaces the SSL certificate for every HTTPS site by a company generated one. I used to bypass internet filtering by creating a SSH tunnel with Putty (I am local admin and can run Putty on my laptop) and run it on port 443. Then add a socks proxy in my browser setting and I was done. No more SSL filtering and I could access any website.
But now the firewall is blocking this as well. SSH to port 443 is not working anymore.
I tried this: https://hacktr.org/blog/2020/01/01/ssh-tunneling-over-https/ but it didn’t work either.
I also tried this: https://mariobrandt.de/archives/technik/ssh-tunnel-bypassing-transparent-proxy-using-apache-170/
But no go as well.
This has to be possible some way, by proxying apache to SSH using a letsencrypt cert. I tried to add a LE cert but the problem is when apache proxies to SSH it changes to IP ad the firewall blocks that step.
Any idea how to solve this?
This has nothing to do with selfhosting, this is a 100% security/hacker related question.
Stop trying to access non-related work things on corporate networks! Use you own travelling router/mobile tethering etc
If you’re abusing this policy also now anything you do/create on “their” computers is/can be visible to them and in the case of creation they can claim IP!
OP… as an admin… you are the worst… but since you’re not my user 🤣 you’ll probably have better luck tunnelling out on 53 masquerading as DNS with something like iodine.
Btw, If I caught you doing this, because I block outbound DNS, I’d try to get you fired.
I really hope you get a warning for the behaviour… you are endangering the company and explicity circumvent policies… this is not OK.
Do this on your own equipment, not behind a company firewall.