SSH tunnels are useful for crossing insecure networks: they leverage end-to-end encryption to connect two endpoints that sit on distinct trusted networks.
As far as I can tell, what you have is:
- A local endpoint: your localhost, on your local network
- A remote endpoint: the aws server, that is part of a remote restricted network
- The host deviceIP, that listens on port 80 and is part of the remote restricted network

A remote port forwarding as your ssh -R 8080:deviceIP:80 user@aws:
- Creates a tunnel between localhost and aws
- Lets aws listen on port 8080
- Sends through the tunnel all the traffic that comes to aws:8080 from its local network
- Lets localhost send that traffic to deviceIP:80 on your local network, not through the tunnel.

I guess it's not what you want. This setup is useful if you want some resource on your local network to be available to hosts on the remote network.
A local port forwarding as the one suggested by roaima, ssh -L 8080:deviceIP:80 user@aws:
- Creates a tunnel between localhost and aws
- Lets localhost listen on port 8080
- Sends traffic that comes to localhost:8080 (here, requests from your browser) through the tunnel
- Lets aws send that traffic to deviceIP:80 on the remote network

This seems to be what you are looking for since you are asking for requests originating on your localhost being served by deviceIP.
If you really want the aws server to listen on port 8080 and forward all the traffic from port 8080 to deviceIP:80, you have to ssh into aws and define a local port forwarding there. It's probably not the best way, but:

    $ ssh -L *:8080:deviceIP:80 user@localhost # run on aws

This way aws forwards to deviceIP:80 all the traffic it receives from its local network (not from a tunnel).
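
As an added example (not part of the original answer), the sketch below parses a `-L`/`-R` forwarding spec and reports which host opens the listening socket, which host makes the final connection to the target, and whether the listener is requested beyond loopback. The function and field names are hypothetical, and the third sample assumes that `user@localhost`, when run on aws, refers to aws itself.

```python
from dataclasses import dataclass

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

@dataclass
class Forward:
    listener: str   # host that opens the listening socket
    bind: str       # address the listener is requested on
    port: int
    connector: str  # host that opens the final TCP connection to the target
    target: str
    exposed: bool   # True when the listener is requested beyond loopback

def explain(flag: str, spec: str, client: str, server: str) -> Forward:
    """Interpret [bind_address:]port:host:hostport for ssh -L / -R.

    client is where ssh runs, server is the host after user@.
    IPv6 literals in brackets are not handled here.
    """
    if flag not in ("-L", "-R"):
        raise ValueError("flag must be -L or -R")
    parts = spec.split(":")
    if len(parts) == 4:
        bind = parts.pop(0) or "*"      # empty bind_address means all interfaces
    elif len(parts) == 3:
        bind = "loopback"               # OpenSSH default with GatewayPorts off
    else:
        raise ValueError("expected [bind_address:]port:host:hostport")
    port, host, hostport = parts
    if not (port.isdigit() and 0 < int(port) < 65536):
        raise ValueError("bad listen port: " + port)
    # -L listens on the client and connects out from the server; -R is the mirror.
    listener, connector = (client, server) if flag == "-L" else (server, client)
    exposed = bind != "loopback" and bind not in LOOPBACK
    return Forward(listener, bind, int(port), connector, f"{host}:{hostport}", exposed)

if __name__ == "__main__":
    # Constructed inputs: the three commands discussed in the answer.
    for args in [("-R", "8080:deviceIP:80", "localhost", "aws"),
                 ("-L", "8080:deviceIP:80", "localhost", "aws"),
                 ("-L", "*:8080:deviceIP:80", "aws", "aws")]:
        print(args[0], args[1], "->", explain(*args))
```

For `-R`, whether the server honours anything other than a loopback bind depends on the `GatewayPorts` setting in its sshd configuration, so `exposed` reports what the command requests, not what the server grants.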