From Hentschel
(Setting up VPN via SSHD)
Line 8: Line 8:
  
 
'''Important:''' Both sides need to run as root to create the tunnel device. Thus, 'ssh -w 0:0 root@www.hentschel.net' must run as root on the client side too.
 
'''Important:''' Both sides need to run as root to create the tunnel device. Thus, 'ssh -w 0:0 root@www.hentschel.net' must run as root on the client side too.
 +
<quote>
 +
    +---------------+            OpenSSH 4.3          +---------------+
 +
    |  Machine A  | tun0 -- Tunnel Interface -- tun0 |  Machine B  |
 +
    |  Has a tunnel | <------------------------------->|  Has a tunnel | 
 +
    |  and ethernet | 10.0.0.100            10.0.0.200 |  and ethernet |
 +
    +-------+-------+    point to point connection    +-------+-------+
 +
      eth0 |                creates a bridge                | eth0 
 +
10.0.0.100 |              that plugs machine B              | 192.168.0.100
 +
  port 22  |                  into network A                  |         
 +
  forwarded |                                                  |
 +
    here    |                                                  |
 +
    +-------+-------+          +-~-~-~-~-~-~-~-+      +-------+-------+
 +
    |  Network A  |          |              |      |  Network B  |
 +
    |  10.0.0.1/24  | 1.2.3.4  |  The Internet |      | 192.168.0.1/24|
 +
    |  Has internet |<-------->|              |<----->|  Has internet |
 +
    |  NAT gateway  | Routable |              |      |  NAT gateway  |
 +
    +---------------+ Address  +-~-~-~-~-~-~-~-+      +---------------+
 +
 +
</quote>
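Review bot: the <quote> and </quote> lines wrapped around the added diagram are not rendered as markup. In the resulting revision they appear as literal text, the opening tag at the end of the "Important:" paragraph and the closing tag after the diagram. Wrapping the diagram in <pre> ... </pre> instead would remove the stray tags and keep the column alignment the drawing depends on.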

Revision as of 22:35, 21 March 2017

Setting up VPN via SSHD

from this link

  • enable
    • PermitTunnel yes
  • disable
    • AllowTcpForwarding yes
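
To confirm what a server's configuration file actually says for the two settings listed above, the following sketch reads the file the way sshd resolves it. It is an added example, not part of the original page; the function names and the sample configuration are constructed for illustration, and it assumes whitespace-separated "Keyword value" lines.

```shell
#!/bin/sh
# Added example: report the global-section value sshd would use for a keyword.
# sshd_config rules relied on: keywords are case-insensitive, the first
# occurrence wins, and lines after the first "Match" apply only conditionally.
# Limitation: Include directives are not followed.
effective_sshd_value() {   # usage: effective_sshd_value KEYWORD DEFAULT FILE
    awk -v key="$1" -v def="$2" '
        BEGIN { key = tolower(key); val = def }
        { sub(/^[ \t]*#.*/, "") }            # blank out comment lines
        tolower($1) == "match" { exit }      # end of the global section
        tolower($1) == key { val = tolower($2); exit }
        END { print val }
    ' "$3"
}

# Succeeds when the file permits the layer-3 (tun) device that "ssh -w" requests.
tunnel_permitted() {       # usage: tunnel_permitted FILE
    case "$(effective_sshd_value PermitTunnel no "$1")" in
        yes|point-to-point) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample configuration (not taken from the page's server).
sample_config() {
    cat <<'EOF'
# PermitTunnel no
permittunnel yes
PermitTunnel no
AllowTcpForwarding yes
Match User backup
    PermitTunnel no
EOF
}

cfg=$(mktemp)
sample_config > "$cfg"
echo "PermitTunnel       = $(effective_sshd_value PermitTunnel no "$cfg")"
echo "AllowTcpForwarding = $(effective_sshd_value AllowTcpForwarding yes "$cfg")"
tunnel_permitted "$cfg" && echo "ssh -w tunnels are permitted by this file"
rm -f "$cfg"
```

On a live server, `sshd -T` run as root prints the fully resolved configuration, including Include files, and is the authoritative check.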

Important: Both sides need to run as root to create the tunnel device. Thus, 'ssh -w 0:0 root@www.hentschel.net' must run as root on the client side too. <quote>

   +---------------+            OpenSSH 4.3           +---------------+
   |   Machine A   | tun0 -- Tunnel Interface -- tun0 |   Machine B   |
   |  Has a tunnel | <------------------------------->|  Has a tunnel |  
   |  and ethernet | 10.0.0.100            10.0.0.200 |  and ethernet |
   +-------+-------+     point to point connection    +-------+-------+
      eth0 |                 creates a bridge                 | eth0  
10.0.0.100 |               that plugs machine B               | 192.168.0.100
  port 22  |                  into network A                  |          
 forwarded |                                                  |
   here    |                                                  |
   +-------+-------+          +-~-~-~-~-~-~-~-+       +-------+-------+ 
   |   Network A   |          |               |       |   Network B   |
   |  10.0.0.1/24  | 1.2.3.4  |  The Internet |       | 192.168.0.1/24|
   |  Has internet |<-------->|               |<----->|  Has internet |
   |  NAT gateway  | Routable |               |       |  NAT gateway  |
   +---------------+ Address  +-~-~-~-~-~-~-~-+       +---------------+

</quote>