Networking :: IPTables / SSH Tunnel With 2Nics

Oct 6, 2010

I've been running a DebLenny system on the network which acts as the local gateway. It has 2 network cards and traffic is directed as follows:

Code:
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT

However, I'd now like to put all the outgoing traffic through a remote system which will further handle the outgoing data (Squid, etc) via the PPPTP device. What would be the most efficient way by which I could achieve this?

View 1 Replies


ADVERTISEMENT

Security :: How To Set Iptables For IPSec Tunnel?

Jan 7, 2010

I want to setup firewall protection with iptables to support IPSec tunnels. That is, the firewall will drop anything from any host if it is not from an established IPSec tunnel. And it will accept anything (any protocols) if it's from an IPSec tunnel.

That is, I need also to open up ping to make ping work. But if I open up icmp, I cannot prevent pings from hosts that's outside my IPSec tunnels. This defeats my purpose.So if my purpose is to allow "anything" within the tunnel and disallow/drop anything outside the IPSec tunnels, how should I setup the iptables rules?

View 3 Replies View Related

Networking :: Can't Establish Tunnel For VPN Over SSH?

Jul 20, 2010

I'm trying to create a VPN through SSH but encounter the following:

Code:
[18:42:11]root@bronzhip:/home/casey# sudo ssh -w 0:0 97.**.***.221 -i VPN
channel 0: open failed: administratively prohibited: open failed

[code]....

View 6 Replies View Related

Networking :: How To Set Up Secure Web Tunnel?

Mar 24, 2011

I'm trying to set up a secure web tunnel at home I have an Ubuntu box (desktop), a Mac, and a Windows 7 box. I use all of them for different reasons. I want to be able to route traffic from my browser through my Ubuntu box. I have done this before with proxy servers abroad, but I want to do it using ssh and my box at home so I don't have to pay for a service i.e (Secure Tunnel)etc.

I followed the instructions at http://bit.ly/hAnp6u. However, using my Win7 box, after I set the browser part per the instructions, I get no connection from the browser.

View 1 Replies View Related

Networking :: Multi-hop VNC Tunnel Over SSH

Oct 21, 2010

Is it possible to chain together multiple SSH tunnel hops in a single `ssh -L` command on the client side? I have two gateways I need to get through in order to access a remote host. For a normal SSH client connection, it's simple enough chain this all together by simply appending the additional SSH connection commands to the first one:Code: ssh gateway.1 ssh gateway.2 ssh remote.host.

View 6 Replies View Related

Fedora Networking :: Can't Establish A Ssh Tunnel

Jun 20, 2010

I have a headless server, running Fedora 13. I want to make a ssh tunnel to that server from laptop that is also running Fedora 13. Logging into that server over ssh works well, X11 forwarding also works, but I can't establish a ssh tunnel.

At the moment I was trying to connect two small python tcp sample programs, that communicate through port 8000. Running them both on my laptop works well.

What I am trying to do is that I am making two seperate ssh connections to my server, let's say it's address is myserver.com.

1) I make a 'standard' ssh connection to it

Code:

And run the server program

2) I open another terminal window and make the tunnel

Code:

3) I open 3rd terminal window and try to run the client program, that is trying to connect to localhost:8000.

If I understand it correctly, the client should now connect to localhost:8000, ssh would discover that and send that data to myserver.com port 8000. Then the server program on myserver.com is listening on that port and should get that data and send "hello world" string back to the client. Then the client should get that, print it to stdout and exit.

Unfortunatly all what it does is that it just hangs for about ten seconds and then says "connection lost" (timeout?)

I have tried other programs, they also timout.

By passing the -v argument to ssh it outputs:

Code:

When I try to connect the client it prints four more lines:

Code:

So as you see, it says that the connection times out..Also can anybody tell what the "Unspecified GSS failure." means? The possible break in attempt is caused by connecting to the server using the myserver.com address while being in the same local network with the server. If I connect using server's local ip address (ie. 192.168.1.xxx), the message dissappears.

View 5 Replies View Related

Ubuntu Networking :: Create SSL Tunnel Over Ssh?

Oct 3, 2010

I Need to make an SSL tunnel over SSH, I need to create exactly an SSL tunnel,I have a situation like that, I heared it is possible,but don't know how to create an SSL tunnel over SSH i am having putty installed on my pc,So i think i can use putty for this purpose, But i don't know how to do this.

View 1 Replies View Related

Ubuntu Networking :: How To Create SSH Tunnel

Aug 3, 2011

I wanted to create an ssh tunnel but I do not know what commands to run .. my environment is as follows:
LAN Internet Office LAN
Home PC <-> Linux firewall <-> http server..

According to the above what I figure is that I have an internal web server at my job and I need to create a tunnel to access the web server from my PC in my home. I know I can do a port forwarding with the firewall but I don't want to publish this web server to Internet. My home PC and both servers (firewall and web) are ubuntu. My idea is create a ssh tunnel that forward port 8080 on localhost in my home pc, to the firewall (obviously with public ip), and the the firewall forward to port 80 on office web server at my job. Note that the firewall accepts ssh connections to port 22, same for web server...

View 2 Replies View Related

Networking :: Create Tunnel Between 2 Different Networks

Jun 8, 2010

i need possible direction on setting up a tunnel between 2 different network. The tunnel will be used by devices from the 2 different network to communicate with each other (for eg DevA and DevB).

DevA <-> Linux A <=====================> Linux B <-> DevB

View 3 Replies View Related

Networking :: How To Set Up Ssh Tunnel Through Http Proxy?

Mar 10, 2010

My school network uses a http proxy to access the internet, but I am dubious about the security, and so I would like to use http inside ssh to keep my data secure. I don't really know where to start on this, so a step-by-step guide, or links to resources, would be helpful.

View 2 Replies View Related

Networking :: How To Forward Ip Tunnel's Output

Aug 13, 2010

I'm trying to implement a routing short-cut solution, whose requirement is as following: server1(Linux) sends ip packets(destined to server3) to server2(Linux) via an ip tunnel between them, server2 forwards the ip tunnel's output (the inner ip packets) to server3. Each server has only one NIC and a public ip associated with it. All servers can communicate with each other. I'm sure the ip tunnel between server1 and server2 was configured correctly and worked well. server2's ip_forward was enabled too. On server2, I can capture the traffic on the ip tunnel interface, and they are originated from server1 and destined to server3. The problem is server2 does not forward the ip tunnel's output at all. On server2, I just run "echo 1 > /proc/sys/net/ipv4/ip_forward". Is there anything I missed for enabling ip_forward? Or originally, ip forward can't work on servers with only one NIC, can it?

View 3 Replies View Related

Networking :: Setup Ip Tunnel In Different Locations

Apr 18, 2011

I have 2 linux servers in different locations. I need to setup a ip tunnel. I follow this steps on both servers:

Server1: ip tunnel add tun0 mode ipip local IP_Server1 remote IP_Server2 dev ethX ip l s tun0 up ip a a 10.10.10.1 peer 10.10.10.2 dev tun0

Server2: ip tunnel add tun0 mode ipip local IP_Server2 remote IP_Server1 dev ethX ip l s tun0 up ip a a 10.10.10.2 peer 10.10.10.1 dev tun0

After creating the tunnel everything is ok, but after a time(maybe some hours), I can't ping the other end of the tunnel (ping to IP_Server1 and IP_Server2 is ok all the time; the connection to internet is very reliable). I have tried "ipip" and "gre" mode, but same result. If I ping from two servers the other end of the tunnel, the connection is again established for some hours and ping is working in both directions.(if I ping only from one side the ping is not working) How can I resolve this issue for no longer having to log on both servers to ping the other end of the tunnel? If I use an crondjob to ping the other end of the tunnel at 2 hours everything is working fine for weeks, but I need other solution.

View 5 Replies View Related

Networking :: Can't Ping Anything Behind The Server End Of The Tunnel?

Apr 5, 2010

I am building up a site-to-site OpenVPN tunnel between two locations. I am setting this up in two CentOS 5.4 boxes each containing two NIC's. I can get the tunnel up and running, and I can ping across the tunnel, however, from the client end of the tunnel I can not ping anything behind the server end of the tunnel. In other words, I can't ping anything on the server's LAN. On both servers, eth0 is the WAN side and eth1 is the LAN side.

OpenVPN server:
eth1 - 10.10.202.2/24
OpenVPN client-server:
eth1 - 192.168.204.1/24
I have IP forwarding enabled in the kernel on both machines.
Code:
[root@vpn01 openvpn]# cat /proc/sys/net/ipv4/ip_forward

[Code]...

I'm sure that the answer is right in front of me, but I can't seem to get it cleared up. I can't hit anything on the 192.168.1.0/24, 192.168.2.0/24, 10.10.4.0 or 10.10.202.0 networks from the client server.

View 14 Replies View Related

Networking :: Routing Subnet Over GRE Tunnel

Mar 1, 2011

Im trying to configure a GRE over IPSec connection between two subnets. The IPSec tunnel is opened and now I want to add a GRE tunnel over it.So, what I didn't understand is why I can't route my subnet over the tunnel, once the only route I have there says that it should route the tunnel IP over the GRE01 interface. Any hint? Thanks.

View 1 Replies View Related

Networking :: OpenVPN Can't Establish A Tunnel Via Fw2

Feb 10, 2011

I have two firewalls, one primary (fw1) and one fall-back/backup (fw2). On the LAN side the fw's reside in the same LAN segment. I have a client who wants VPN redundancy. So I configured two VPN tunnels for this client. One via fw1 and a backup via fw2. Since the default gateway on the VPN server points to fw1 only the tunnel via fw1 is established. OpenVPN can't establish a tunnel via fw2 because of the gateway and just sits there waiting...

View 1 Replies View Related

Ubuntu Networking :: Closing A Reverse SSH Tunnel?

Jan 31, 2010

so i start it with ssh -f -R 4096:localhost:22 me@server.com and it comes up and someone can log in at the remote end. how do i close the tunnel from the initiating end ? netstat doesnt seem to identify my end of the tunnel , unless im looking for the wrong thing!

View 1 Replies View Related

Ubuntu Networking :: Browsing Via SSH Tunnel Very Slow

Jan 31, 2010

Browsing via SSH Tunnel very slow When browsing in firefox at work via proxy through ssh on my 8.04 server the speed is near dial up. I have compression enabled, tried restarting ssh, and rebooting the server but it remains so sluggish. At home the connection is quick but the speed is lost in translation once I ssh in. I also tried adding "UseDNS no" to the ssh config but that did not help with the slow login or any other speed issues.

View 5 Replies View Related

Ubuntu Networking :: Surf Anonymously Using A SSH Tunnel?

Mar 29, 2010

I tried this :

Quote:

ssh -ND 9999 username@home_router_ip_address

and this is output :

�nani@jebe-kevu-ovaj-PC:~$ ssh -ND 999 nani@nani.homelinux.com
Privileged ports can only be forwarded by root.
nani@jebe-kevu-ovaj-PC:~$ sudo ssh -ND 999 nani@nani.homelinux.com

[code]....

which password is he looking for exacly ? user nani is main user at ubuntu after he asked me for password i typed my nani user password and i got in , after how you can see he ask me for onather password i tried the nani�s password but nothing is heppening ?

View 1 Replies View Related

Ubuntu Networking :: Can't Create SSH-tunnel In Script?

Sep 17, 2010

I'm trying to run a script to execute the command

Code:
ssh -D port host

when my laptop connects to internet. I have placed the script in /etc/network/if-up.d/.The scripts is being run when it should, but the SSH-tunnel isn't created.I can however run the script manually, as root, and then the tunnel is created.

View 7 Replies View Related

Ubuntu Networking :: Connect Samba Through SSH Tunnel?

Nov 13, 2010

I have a server running Ubuntu Server 10.04 that is a VirtualBox/Samba/SSH server. I have port forwarding set up for ports 22 and 3389 (SSH and RDP) and I want to access the Samba share without opening any other ports. I can connect to it from my internal network, but I want to be able to access it from school. My best guess would be to tunnel the Samba port through SSH, but I don't know how. I will be connecting to it from Ubuntu 10.10 Desktop.

View 9 Replies View Related

Ubuntu Networking :: Start SSH Tunnel At Boot?

Feb 14, 2011

In the office I use firefox for my work items and chrome for my personal items. I currently use proxy switchy with chrome to browse through an ssh tunnel to my home server. The chrome/switchy part works fine.In order to do this I have to open a command window every morning and execute:ssh -p8181 -D 9999 user@myhomeserver.comThen the command window asks my password and I am up and running. (my ssh server at home is running on port 8181)Is there a way to script this so I don't have to open the command window and enter my password every day (and also to prevent a visible command window from being open and visible)

View 1 Replies View Related

Ubuntu Networking :: Route DNS Queries Through Tunnel Too

Jul 6, 2011

I set up a routed OpenVPN server. Everything works fine. But I'd like to route the DNS queries thru the tunnel too. So I added:

[Code]....

Can't find server name for address 10.8.0.1: Non-existent domain Even thou I have a DNS server set up correctly (on the same server as the VPN) with recursion. I verified that by sending queries form external source, which worked fine. I suspect that the Bind server doesn't listen to the tun0-interface only eth0, but the Bind manual says it should listen to all interfaces by default. The server log shows:

Code:
named[9639]: client 10.8.0.10#3807: RFC 1918 response from Internet for 1.0.8.10.in-addr.arpa

How do I get these DNS queries to resolve thru the tunnel?

View 9 Replies View Related

Ubuntu Networking :: Connect Through A Tunnel On A Different Server?

Jul 19, 2011

I use two Ubuntu machines, one at home and one at work. In order to connect to the machine at work from home I need to connect through a "tunnel server" that controls all the traffic to the machines at work.I am able to connect with ssh to the tunnel server and from the tunnel server ssh my own machine at work. My question is how do I retrieve files form my work machine to the home machine. How do I sync folders between the machines using rsync when the "tunnel server" is in between?

View 3 Replies View Related

Ubuntu Networking :: SSH Tunnel / Port Forwarding

Jul 28, 2011

I don't understand the concept of ssh port forwarding and tunneling.I was going to set up a remote desktop (vnc) connection to my grandmother's laptop that we'll give her soon so if something goes wrong i can fix it from here (she lives on the other side of the world). However, i've read using vnc plain over the internet isn't secure, and that i can secure it by running it through an ssh tunnel.That's what i've understood so far. However, from there on i get confused.

I'd have to run both an ssh server AND a vnc server on her laptop? So what i'd have to do is ssh into her computer, and then while logged on on her computer, somehow open a vnc connection back from the remote server to the local computer? Then i'd go back to my local computer and open a port where the vnc connection is waiting? From the concept, it would seem like i should be able to tunnel all the regular network traffic from the local computer to the remote one through ssh?

View 4 Replies View Related

Networking :: HTTP Requests Always Go By TCP Connect Tunnel?

Aug 14, 2010

How do Http requests and responses go from a client to the server? IS a TCP Connect Tunnel always formed or is there some different mode ?

View 4 Replies View Related

Networking :: Connect To Windows Domain Via VPN Tunnel

Mar 16, 2011

I have my home network (connected to internet via VPN) and my "MS-based" work network (opened to internet via VPN). In windows I can easily create two VPN connections to enter my Work domain, but how can I do that in Linux? Network Manager allows only one VPN connection... The best way is to create pptp tunnel over configured in Network Manager ppp0. I've googled a lot but still didn't find any working example.

View 3 Replies View Related

Networking :: Use VPN Tunnel For All Traffic Except SMTP (port 25)?

Nov 8, 2010

I'm new to iptable configuration. I've set up a VPN using DD-WRT on my router and it works fine. However the VPN company does not allow port 25 traffic (in case of spammers) so now I can't get my emails sent out.

I'm guessing I can add some rules to my iptable so that all traffic except port 25 traffic can go out through the VPN tunnel. And hopefully, all port 25 traffic will go out through the normal Internet connection.code...

View 2 Replies View Related

Networking :: Get An Icmp Tunnel Setup Using Ptunnel

Jul 23, 2011

So im trying to get an icmp tunnel setup using ptunnel. When I run it under the same network and use to connect to RDP, it works fine, however when go outside my network and connect in, it does not get anywhere. I can confirm that I have forwarded ICMP packets to the server (if I ping the external ip it will show the status of the server if I unplug it) and that the server is showing signs of registering it.

On the client it just tries to resend the packet "Resending packet with seq-no 0" Over and over Firewall is off for testing so thats not the issue.

View 2 Replies View Related

Networking :: IPsec - Tunnel Restrictions And Users?

Jun 22, 2011

While I successfully configured an IPsec-VPN (I use a similar tho modified setup like this:[URL].. I am now stuck on the next steps. While I can connect to everything I want, I need to configure "access-groups" and/or "users".

The scenario is similar to this: Lets say Host A, B and C allow SSH-Connections and some weird non-standard UDP-Connection from Host-VPN, and are also accessible on other ports with public IP's (like http).

I now want to limit, that an admin-user has access to all of them, while trainee-admin only can access everything on Host B and C, and CEO only can connect via telnet to Host C - and all users can be roadwarriors

(I made this example up to give you an idea what i'm trying to do - hope it makes sense). Now my question is, if someone can point me towards a direction, as I'm quite clueless at the current moment as to what to try. I know that commercial IPsec-Implementations can do this, but can OpenSWAN/... give me something similar?

View 1 Replies View Related

Networking :: Making A Gateway Ssh To Tunnel The Traffic?

Sep 28, 2010

1.Making a Home server connect using ssh tunnel to a remote server ( to bypass proxy )

2. Making the home server accept connections as a gateway and forward anything that comes to it to the ssh tunnel connection of the remote server.

3. Making any client that puts the home server as a gateway in the network configuration gets a the tunnel connection to the remote server.

Home Server: ubuntu
Remote server: ubuntu

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved