Hello,
My company is using a palo alto firewall which replaces the SSL certificate for every HTTPS site by a company generated one. I used to bypass internet filtering by creating a SSH tunnel with Putty (I am local admin and can run Putty on my laptop) and run it on port 443. Then add a socks proxy in my browser setting and I was done. No more SSL filtering and I could access any website.
But now the firewall is blocking this as well. SSH to port 443 is not working anymore.
I tried this: https://hacktr.org/blog/2020/01/01/ssh-tunneling-over-https/ but it didn’t work either.
I also tried this: https://mariobrandt.de/archives/technik/ssh-tunnel-bypassing-transparent-proxy-using-apache-170/
But no go as well.
This has to be possible some way, by proxying apache to SSH using a letsencrypt cert. I tried to add a LE cert but the problem is when apache proxies to SSH it changes to IP ad the firewall blocks that step.
Any idea how to solve this?
You wont like to hear this but: Dont do this. Do not try to circumvent protections that company IT has put in place. You will find yourself in a meeting with IT and HR much quicker than you think.
You have 3 options:
Stop doing what youre trying to do
Talk to IT and see if they would make exceptions for you
Keep attempting this and risk losing your job
You might want to bookmark a sub like /r/LegalAdvice for the future, good luck! /r/SysAdmin and /r/CyberSecurityAdvice can probably also tell you to stop doing this.