Direct Connect into private network (Tunneling???)

krko7365 · n00b Joined: 29 Mar 2003 Posts: 9

I wile ago I moved out of my student dorm and therefore lost the possibility of file sharing with my friends because of the dorm network being a private firewalled network. I decided to try to connect from outside, but all my VPN experiments failed somehow. What I want to do is to let a computer on the private network (with private ip-adress) connect to my box outside (which has a dynamic but public ip-adress) and to be able to route packets from outside, with ssh, back through the firewall and into the private network, translating the ip-adress into something that the private network understands, thus being able to connect to a Direct Connect hub and to all users having files I want to share, and then somehow get the files to download to my outside box.
How the hell is this gonna work ??? :-)

Any suggestions,anyone?
Thanks in advance / Chris
Ps. The firewall allows outbound ssh traffic, but is ofcourse a remote one to which I have no access.

dberkholz · Posted: Mon Jun 02, 2003 10:51 pm Post subject:

If you can SSH in, you could try tunneling through it.

krko7365 · n00b Joined: 29 Mar 2003 Posts: 9

I can SSH out of the private network, but not SSH into it, not because of the
firewall, but because all computers inside have private ip-adresses in the
range 10.x.x.x so my ISP wouldn't even let packets with destination
adresses like that leave outside the ISP network, which ofcourse, is not where
I want to go.
Is this an unsolvable problem?
Please help

/Chris

dberkholz · Posted: Tue Jun 03, 2003 9:30 am Post subject:

There isn't an SSH server for the network? For example at my work we're on a 10.x.x.x network, but there's an SSH server with an external IP, through which we can access the internal network from outside.

Or you could convince someone on the inside to start the SSH tunnel.

krko7365 · n00b Joined: 29 Mar 2003 Posts: 9

dberkholz · Posted: Tue Jun 03, 2003 3:58 pm Post subject:

You probably won't be able to get an internal IP, but you will be able to go through your friend's computer using his IP.

ghuug · Posted: Tue Jun 03, 2003 4:13 pm Post subject:

one solution would be to setup pptpd on your machine and let someone from private network to connect to you. Then, they will get private address inside VPN tunel (like 192.168.0.1 <- you and 192.168.0.2 <- they). Note that IP addresses should differ from IPs they are using in their LAN.

Mikhail.

krko7365 · n00b Joined: 29 Mar 2003 Posts: 9

Thanks!
This was helpful. I learned a great deal about VPN's by setting up
a PopTop-server at my linux box and connect a win xp - laptop to one of
the ethernet-interfaces with win xp - pptp.

But the problem is that this won't work in the situation with the
Yesterday we learned that the firewall on the borderprivate network.

of the 10.x.x.x private network doesn't permit outbound traffic on PPtP.
This indeed sucks.
Now I wonder if plain ssh (combined with ppp) can give me the same
functionality. Probably the ssh port (outbound) is not closed on the firewall. Would this give me an ip-adress as well on the server with public adress?

Is there a windows client that could be used or would I need a
linux client on the private 10.x.x.x network ???

/Chris

Caffeine · Posted: Mon Jan 19, 2004 10:37 am Post subject:

Did you get any further with this?
I found this article, but it didn't quite work...

http://www.tldp.org/HOWTO/Firewall-Piercing/x189.html