Disclaimer: Check with your local government about the legality of encryption in your country.  Exporting encryption algorithms from the United States to a foreign country is illegal, and using encryption at all is illegal in some countries.

What you need

• An always on high speed connection at home
• OpenSSh (linux or windows version will work)
• Putty (check the downloads section)
• A port scanner program (google ‘free port scanner’)

Step 1

First off, find out what ports are open on your company’s firewall… port 21, 80 and 443 are all most likely open, unless your company uses a proxy server.  I won’t show you how to find the firewalls IP address, but it is in many cases the gateway address of your machine.  In a command prompt type ‘ipconfig /all’  take note of the gateway address.  Run the port scanner on your company’s firewall and write down any open ports.  A port number can be anywhere from 1-65535.

Step 2

When you go home from work install OpenSSh.  Make sure your computer has a static IP address, if not set one that is in the static range on your home network.

Edit the conf file for OpenSSh and change the port that it runs on to one of the ones that is open at your work.  (21 is good because it’s used for file transfers – easier to cover up your bandwidth usage).  You may be able to change the port by forwarding it to a different external port on your router as well.

Enable remote desktop on your local machine (if you want to be able to connect to it from work).  Right click on ‘my computer’ > Properties > Remote Tab.  Check the box that says ‘Allow users to connect remotely to this computer’

Install a proxy server to surf the web at work.  I like Squid, but any proxy will work, follow the install instructions given and make sure to test that it’s working.

Forward the OpenSSh port you picked on your router so you can access it externally.  A good way to access it externally is to try to connect to your external internet IP with putty.  (Go to whatsmyip.com and enter it into putty, along with the port you forwarded.)

Setting up dynamic DNS on your home computer will be a huge time saver for you, this way when your IP address changes, it is transparent to you.  You will always be able to access your SSh server through a domain name.  I recommend dyndns.org.  Click ‘ADD’ then go back to ‘Session’ and save your session.

Step 3

At work, install putty or run it from a thumb drive.  Type in your external IP address from home (or your dyndns domain) as well as the port you picked.  Go down to SSh on the bottom and click ‘tunnels’.  In the Destination area, type in the local IP address of your proxy server as if you were at home i.e. 192.168.x.x or 10.0.x.x, as well as the port.  In the source port, type any four digit port number and write it down – you will be using this port on your local computer to connect to the proxy.

In internet explorer set the proxy server address to localhost or 127.0.0.1 along with the port you mapped in putty.

You can also map the remote desktop port 3389 from your home machine to a local port using the same method described above.

Conclusion
This should work on most firewalls that don’t use protocol blocking (we’re working on that too…).  This method of tunneling is a little hard to understand at first, but just keep at it and you’ll get it – it’s well worth knowing.

***AMENDMENT***
You can just click the ‘proxy’ option in putty and set up the information.  SSh IS a proxy server of sorts.  Use socks 5 for your programs (internet explorer, etc) and the port you chose to run it on!  No need for another proxy like squid!