RDP to Windows Servers In The LAN Using SSH

In this blog, I will show you how to RDP into the servers in your LAN using an existing SSH session (tunnel).

This blog assumes that the firewall has port forwarding for:

SSH: TCP22 -> TCP22

RDP: TCP53330 -> TCP3389


Side note: On my Debian Linix box, this means that there is a DNAT rule on the Shorewall firewall that says:

DNAT net:$PRV loc: tcp 53330

(where $PRV is defined in the /etc/shorewall/params file as

These are the trusted subnets.


First, launch Putty.exe and setup a session as shown below. Fill in the host name with a host name or an IP address that you can use to connect to the SSH server. SSH by default listens on port 22.

Click SSH -> Tunnels. Enter the source port as the external source port, which is 53330. The destination is the internal IP address of the Windows Server as well as its RDP port which is 3389 by default.

Make sure you have this line added after you click on the Add button.

Save the session and click Open to connect.

Click Yes to confirm the fingerprint.

Now we are connected to SSH.

Enter localhost:53330 and click Connect.

Enter credentials to login and click OK

As you can see that we are now connected to the server via RDP via SSH.