The problem I am trying to solve is how to establish an SSH & RDP connection to a Linux machine that is behind a firewall, with a non-static public IP, and no port forwarding capability:
The customer wants my org to be able to remote-in to the Linux machine on their network. Customer A’s organization does not have the ability to port forward nor assign a public static IP. They are able and willing to run a script on the machine in order to establish a reverse tunnel-type connection.
My org’s team is not local to me, and will need to remote-in to the Linux machine on the customer’s network from another part of the country. This team will not have assuredness that the client machine they would use to perform remote work will always be on and running. In addition, they will not have a static public IP. They may have the ability to configure a DDNS service, but this is still unsure.
I am able to set up a server with DDNS at my location and keep any connection running indefinitely (will never shut down). My thought is that there may be a way for the Linux server @ customer’s network to reverse tunnel to me via DDNS, which will be established indefinitely. After establishing that connection, can the remote team connect to my machine via normal SSH/RDP and somehow get to the Linux machine via some forwarding I set up on my machine? My machine can be either Linux or Windows, it does not matter.
Here’s a more detailed breakdown of an architecture I have in mind:
Machine 1: Remote, Linux Server running Ubuntu Desktop 22.04.04. Behind a firewall that cannot be port forwarded. The machine ingests and displays an IP Camera feed, hence Ubuntu Desktop rather than Ubuntu Server. Public IP Address is non-static, although this may be irrelevant because the port cannot be forwarded to expose an SSH or XRDP interface to the public anyway. Could run a DDNS client if needed. This machine will always be on & running.
Machine 2: Local (me), Windows or Linux, configured with DDNS client. This machine will always be running. Potential intent is to use this somehow as a gateway for the remote team to connect to Machine 1 maybe?
(Is there a way to make Machine 3 -> Machine 2 <- Machine 1 equivalent to Machine 3 -> Machine 1 ??)
Once again, XRDP will be needed, as this remote team needs to be able to see a camera feed.
Machine 3: Remote (team), Windows, not reliable to be running all the time – and not configured with static IP.
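
The Machine 3 -> Machine 2 <- Machine 1 layout asked about above can be built from OpenSSH reverse forwards. The script below is an added example, not part of the original post. It assumes Machine 2 runs a Linux OpenSSH server, and the host name, account names, key path and port numbers are placeholders chosen for illustration.

```shell
#!/bin/sh
# Runs on Machine 1 (customer side). Host name, users, ports and key path
# are assumptions for this example, not values from the post.
RELAY_HOST="machine2.ddns.example"   # Machine 2's DDNS name (placeholder)
RELAY_USER="tunnel"                  # unprivileged account on Machine 2 (assumed)
KEY="$HOME/.ssh/tunnel_ed25519"      # key used only for this tunnel (assumed)
SSH_FWD_PORT=2222                    # Machine 2 loopback port -> Machine 1 sshd (22)
RDP_FWD_PORT=3390                    # Machine 2 loopback port -> Machine 1 xrdp (3389)

# Print the ssh arguments, one per line, so they can be reviewed or tested.
# The forwards bind to 127.0.0.1 on Machine 2, so nothing is exposed to the
# internet except Machine 2's own sshd.
tunnel_args() {
    printf '%s\n' \
        -N -T \
        -i "$KEY" \
        -o IdentitiesOnly=yes \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 \
        -o ServerAliveCountMax=3 \
        -R "127.0.0.1:${SSH_FWD_PORT}:localhost:22" \
        -R "127.0.0.1:${RDP_FWD_PORT}:localhost:3389" \
        "${RELAY_USER}@${RELAY_HOST}"
}

# Keep the tunnel up: ssh exits when the link drops, then we retry.
run_tunnel() {
    while :; do
        # Word splitting is intended; assumes no argument contains whitespace.
        # shellcheck disable=SC2046
        ssh $(tunnel_args)
        sleep 10
    done
}

# Start only when invoked as: tunnel.sh run
if [ "${1:-}" = "run" ]; then
    run_tunnel
fi

# On Machine 2, limit what the tunnel key may do (~tunnel/.ssh/authorized_keys, one line):
#   restrict,port-forwarding,permitlisten="127.0.0.1:2222",permitlisten="127.0.0.1:3390" ssh-ed25519 <public-key>
# From Machine 3 (OpenSSH client), each team member uses their own account on Machine 2:
#   ssh -J team@machine2.ddns.example -p 2222 <machine1-user>@localhost
#   ssh -N -L 13389:localhost:3390 team@machine2.ddns.example   # then RDP to localhost:13389
```

With this layout only Machine 2 needs a reachable name, and the team still authenticates to Machine 1's own sshd and XRDP after passing through Machine 2.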