ab3ap n00b
Joined: 22 Mar 2005 Posts: 59 Location: Pennsylvania
Posted: Fri Jan 30, 2009 10:58 pm Post subject: VPN, iptables, port range fwd'ing n00b advice req'd [SOLVED]
This is likely an easy question for those in the know since I'm only asking if I'm headed in the right direction.
PROBLEM: My employer blocks all ports above 80 and I want to run apps using higher ports. (Streaming music, ham radio stuff, weather, etc.) Simply using ssh's port forwarding isn't enough since I can't always predict which port a (remote) server will want to use.
SOLUTION: Is the following correct? My idea is that at home I will run a VPN server listening on some port. At work, I will connect to that VPN and then use iptables to forward all ports > 80 at work to my home VPN.
I expect it will take a week or so to learn openvpn and I know only enough iptables to be dangerous. So before digging into all the reading that that will require I thought I'd first ask if the basic idea is correct. If not, please let me know better alternatives. I can't be the first to do this, but I must be using the wrong Google search words to see what others in this situation have done because I'm not finding anything helpful.
Thanks very much!
Mike
Last edited by ab3ap on Sat Jan 31, 2009 3:02 am; edited 1 time in total
vaguy02 Guru
Joined: 25 Feb 2005 Posts: 424 Location: Hopefully in one place
Posted: Sat Jan 31, 2009 2:03 am Post subject:
Couple problems I see at first: if you are going to use IPSEC as your VPN method, it's going to require Protocol 50, and TCP 500, 4500, which you say are blocked. Secondly, when you are connected to a VPN, you don't need to do anything with iptables to force ports; everything will be transmitting to your home network encrypted through the VPN tunnel.
Can I make a suggestion? (This is what I do at work.) Have a computer at home, ssh into your house and tunnel an RDC connection through your SSH tunnel (tcp 22). This way you can use your computer as if you were at home and run all the services that you want to run from there. I'm paranoid, and I run AES-256 bit encryption, but most other ones work just fine.
_________________
Linux Registered User #458185
Intel Quad-Core w/ 4gigs Ram w/ 8800 GTX - Windows 7 RC
2x (Intel Dual-Core w/ 2gigs Ram - Gentoo)
Mac G5 Dual-Core w/ 2gigs Ram - OS 10.5
ab3ap n00b
Joined: 22 Mar 2005 Posts: 59 Location: Pennsylvania
Posted: Sat Jan 31, 2009 3:00 am Post subject:
Seems I misunderstood how the VPN would appear on my work machine. Thanks for clearing that up, because I definitely don't want (can't!) have the work machine completely on my home network & isolated via VPN from the work network. Since I can ssh into my home machine just fine using NAT, I'll redirect my efforts to reading up on RDC. I greatly appreciate the advice! While I still want to learn the ins and outs of VPNs, I'll save it till I have my streaming music back. Priorities, you know. :-)
Thanks again,
Mike