From Hentschel
(Setting up VPN via SSHD)
Line 29: Line 29:
  
 
To add route from hentschel to Network B, <pre>ip route add 192.168.1.0/24 via 10.0.0.200</pre> on 'hentschel'. On zm.home, ensure IP forwarding is enabled via <pre>sysctl net.ipv4.ip_forward</pre>, and set it to enabled in ''/etc/sysctl.config'' if not.
 
To add route from hentschel to Network B, <pre>ip route add 192.168.1.0/24 via 10.0.0.200</pre> on 'hentschel'. On zm.home, ensure IP forwarding is enabled via <pre>sysctl net.ipv4.ip_forward</pre>, and set it to enabled in ''/etc/sysctl.config'' if not.
The gateway on network B needs to be modified to redirect traffic destined for Network A via eth0 on zm.home. On the Asus router, that looks like this:
+
The gateway on network B needs to be modified to redirect traffic destined for host hentschel via eth0 on host zm.home. We don't redirect all internet traffic via the tunnel, just what is destined for zm.home. On the Asus router, that looks like this:
 
[[File:asus-static-route.png|400px|thumb|left|Under ''LAN''->''Route'']]<br clear=both>
 
[[File:asus-static-route.png|400px|thumb|left|Under ''LAN''->''Route'']]<br clear=both>
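Review bot: The sentence added to the gateway paragraph says only traffic "destined for zm.home" goes through the tunnel, but the sentence before it says the router redirects traffic destined for host hentschel via eth0 on zm.home. One of the two hostnames looks wrong, and stating the destination address or prefix entered on the Asus router would remove the ambiguity. Separately, the unchanged context above refers to ''/etc/sysctl.config'', while the sysctl configuration file is normally /etc/sysctl.conf.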

Revision as of 00:05, 24 March 2017

Setting up VPN via SSHD

from this link

  • enable
    • PermitTunnel yes
  • disable
    • AllowTcpForwarding yes

Important: Both sides need to run as root to create the tunnel device. Thus, 'ssh -w 0:0 root@www.hentschel.net' must run as root on the client side too.

        +---------------+            OpenSSH 4.3           +---------------+
        |   hentschel   | tun0 -- Tunnel Interface -- tun0 |   zm.home     |
        |  Has a tunnel | <------------------------------->|  Has a tunnel |  
        |  and ethernet | 10.0.0.100            10.0.0.200 |  and ethernet |
        +-------+-------+     point to point connection    +-------+-------+
           eth0 |                 creates a bridge                 | eth0  
 198.57.187.185 |               that plugs machine B               | 192.168.1.100
       Routable |                  into network A                  |          
       address  |                                                  |
        here    |                                                  |
        +-------+-------+                                  +-------+-------+ 
        |   Network A   |                                  |   Network B   |
        |  The Internet |                                  | 192.168.1.1/24|
        |  Has internet |                                  |  Has internet |
        |               |                                  |  NAT gateway  |
        +---------------+                                  +---------------+

To add a route from hentschel to Network B, run the following on 'hentschel':

    ip route add 192.168.1.0/24 via 10.0.0.200

On zm.home, check that IP forwarding is enabled:

    sysctl net.ipv4.ip_forward

If it is not, set it to enabled in /etc/sysctl.conf.
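An added check for the prerequisites listed above (example code, not from the original page): it reads the effective global PermitTunnel and AllowTcpForwarding values from an sshd_config file and tests the IP forwarding flag that zm.home needs. The function names, the constructed sample config and the default flag file /proc/sys/net/ipv4/ip_forward are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the prerequisites this page relies on.
# On a live host, `sshd -T` (as root) prints sshd's own view of the effective
# configuration; this parser works offline on a copy of the file.

# sshd_effective KEYWORD DEFAULT FILE
# sshd keeps the first value it reads for a keyword and keywords are
# case-insensitive. Lines after the first "Match" are conditional, so the
# scan for the global value stops there.
sshd_effective() {
    awk -v want="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" -v def="$2" '
        /^[ \t]*#/ || NF == 0   { next }
        tolower($1) == "match"  { exit }
        tolower($1) == want     { print tolower($2); found = 1; exit }
        END                     { if (!found) print def }
    ' "$3"
}

# ip_forward_enabled [FILE]: succeeds when the kernel flag file contains 1.
ip_forward_enabled() {
    [ "$(tr -d ' \t\n' < "${1:-/proc/sys/net/ipv4/ip_forward}")" = "1" ]
}

# audit_tunnel_host SSHD_CONFIG [IP_FORWARD_FILE]
# Returns 0 only when a layer-3 tunnel is permitted and forwarding is on.
audit_tunnel_host() {
    rc=0
    tun=$(sshd_effective PermitTunnel no "$1")          # OpenSSH default: no
    fwd=$(sshd_effective AllowTcpForwarding yes "$1")   # OpenSSH default: yes
    case "$tun" in
        yes|point-to-point) echo "OK   PermitTunnel=$tun" ;;
        *) echo "FAIL PermitTunnel=$tun (tun device for ssh -w not permitted)"; rc=1 ;;
    esac
    echo "INFO AllowTcpForwarding=$fwd"
    if ip_forward_enabled "$2"; then
        echo "OK   net.ipv4.ip_forward=1"
    else
        echo "FAIL net.ipv4.ip_forward is not 1"; rc=1
    fi
    return $rc
}

# Constructed sample input, not taken from any real host.
sample=$(mktemp -d)
printf '%s\n' '# constructed sshd_config' 'permittunnel YES' 'PermitTunnel no' \
    'Match User backup' '    AllowTcpForwarding no' > "$sample/sshd_config"
echo 0 > "$sample/ip_forward"
audit_tunnel_host "$sample/sshd_config" "$sample/ip_forward" || echo "prerequisites missing"
```

On zm.home, call `audit_tunnel_host /etc/ssh/sshd_config` as root; on hentschel only the sshd_config lines apply, since the page enables forwarding on zm.home alone.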

The gateway on network B needs to be modified to redirect traffic destined for host hentschel via eth0 on host zm.home. We don't redirect all internet traffic via the tunnel, just what is destined for zm.home. On the Asus router, that looks like this:

[Figure: asus-static-route.png, the static route settings on the Asus router, under LAN->Route]