
Tuesday, June 5, 2012

SSH VPN with remote routing


VPN Client

tun0 Private IP: 192.168.100.253


VPN Server

tun0 Private IP: 192.168.100.254
Public IP: 1.2.3.4
Public Interface: eth0


Server
Install Packages
yum install tunctl
Create tun0
tunctl -t tun0
Configure tun0
ifconfig tun0 192.168.100.254 netmask 255.255.255.0 pointopoint 192.168.100.253
Configure sshd for tunnel
vi /etc/ssh/sshd_config
PermitTunnel yes
Restart sshd to apply the modified configuration
service sshd restart

Enable forwarding
sysctl -w net.ipv4.ip_forward=1
iptables -I FORWARD -i tun0 -o eth0 -j ACCEPT
iptables -I FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.100.253/24 -o eth0 -j MASQUERADE


Local (VPN Client)
Install Packages
yum install tunctl
Create tun0
tunctl -t tun0
Configure tun0
ifconfig tun0 192.168.100.253 netmask 255.255.255.0 pointopoint 192.168.100.254
Connect
ssh -w0:0 1.2.3.4

Configure routing (selected destinations go through the remote gateway / VPN server)
route add -net some_ip/prefix dev tun0
(e.g. route add -net 140.112.31.0/24 dev tun0)
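
The server steps above turn on tunnelling in sshd and open forwarding between tun0 and eth0. As an added example (not from the original post), the script below checks what those steps leave behind: the global PermitTunnel value, FORWARD rules that pass traffic into tun0 without a state match, and the source range being masqueraded. Function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and sample
# data are constructed; the checks read files, so they run offline.

# Effective global PermitTunnel value in an sshd_config file ($1). sshd keeps
# the first value read per keyword; lines after "Match" are conditional.
permit_tunnel_value() {
  awk 'tolower($1) == "match"        { exit }
       tolower($1) == "permittunnel" { print tolower($2); found = 1; exit }
       END { if (!found) print "no" }' "$1"     # built-in default is "no"
}

# FORWARD ACCEPT rules in iptables-save output ($1) that pass packets to tun0
# with no state/conntrack match: new connections get through, not only replies.
stateless_forward_to_tun() {
  grep -E -e '^-A FORWARD .*-o tun0 .*-j ACCEPT' "$1" |
    grep -Ev -e '-m (state|conntrack) ' || true
}

# Source of each MASQUERADE rule leaving eth0 ("any" when there is no -s).
masquerade_sources() {
  awk '/^-A POSTROUTING/ && /-o eth0/ && /-j MASQUERADE/ {
         src = "any"
         for (i = 1; i < NF; i++) if ($i == "-s") src = $(i + 1)
         print src
       }' "$1"
}

# Constructed samples: what the steps above leave on the VPN server.
# iptables stores "-s 192.168.100.253/24" as the masked network 192.168.100.0/24.
SAMPLE=$(mktemp -d)
printf '%s\n' '#PermitTunnel no' 'PermitTunnel yes' \
  'Match User backup' 'PermitTunnel no' > "$SAMPLE/sshd_config"
printf '%s\n' '*nat' \
  '-A POSTROUTING -s 192.168.100.0/24 -o eth0 -j MASQUERADE' 'COMMIT' \
  '*filter' \
  '-A FORWARD -i eth0 -o tun0 -j ACCEPT' \
  '-A FORWARD -i tun0 -o eth0 -j ACCEPT' 'COMMIT' > "$SAMPLE/rules"

echo "PermitTunnel (global): $(permit_tunnel_value "$SAMPLE/sshd_config")"
echo "MASQUERADE sources:    $(masquerade_sources "$SAMPLE/rules")"
echo "Stateless rules into tun0:"
stateless_forward_to_tun "$SAMPLE/rules"
```

To check a live server, point the functions at /etc/ssh/sshd_config and at saved iptables-save output. For the tun0 setup here, PermitTunnel point-to-point is sufficient; yes also permits layer-2 (tap) tunnels.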
 

2 comments:

  1. SSH tunnels offer a method to bypass firewalls that command sure web services – farewell as a website permits outgoing connections. As an example, at a workplace users are also blocked by some firewalls from accessing social websites like Facebook and YouTube directly through eighty ports. However, users might not like to have their internet traffic blocked by the firewalls and filters and want to be ready to unblock Facebook and YouTube. If users will hook up with an external SSH server, they will produce an SSH tunnel to forward a given port on their native machine to port eighty on an overseas internet server to bypass those firewalls and filters to unblock Facebook and YouTube.

    SSH VPN Review

    1. Nice comment.
      SSH VPN with remote routing is suitable for some other cases as you mentioned.

      The following is more suitable for a web browser.
      shell command: ssh -D 127.0.0.1:8080 1.2.3.4
      PS: 1.2.3.4 is the IP of the remote SSH server.

      Set up the proxy setting with "sock 127.0.0.1 8080".

      Thanks for your comment.
