From Hentschel
Setting up VPN via SSHD
from this link
- enable
- PermitTunnel yes
- disable
- AllowTcpForwarding yes
Important: Both sides need to run as root to create the tunnel device. Thus, 'ssh -w 0:0 root@www.hentschel.net' must run as root on the client side too.
+---------------+ OpenSSH 4.3 +---------------+ | hentschel | tun0 -- Tunnel Interface -- tun0 | zm.home | | Has a tunnel | <------------------------------->| Has a tunnel | | and ethernet | 10.0.0.100 10.0.0.200 | and ethernet | +-------+-------+ point to point connection +-------+-------+ eth0 | creates a bridge | eth0 198.57.187.185 | that plugs machine B | 192.168.1.100 Routable | into network A | address | | here | | +-------+-------+ +-------+-------+ | Network A | | Network B | | The Internet | | 192.168.1.1/24| | Has internet | | Has internet | | | | NAT gateway | +---------------+ +---------------+To add route from hentschel to Network B,
ip route add 192.168.1.0/24 via 10.0.0.200on 'hentschel'. On zm.home, ensure IP forwarding is enabled via
sysctl net.ipv4.ip_forward, and set it to enabled in /etc/sysctl.config if not.
The gateway on network B needs to be modified to redirect traffic destined for host hentschel via eth0 on host zm.home. We don't redirect all internet traffic via the tunnel, just what is destined for zm.home. On the Asus router, that looks like this: