Set up a SSH-based point to point connection
Sunday, 30 November 2008
Page 2 of 2
Step 4: Establishing the point to point connection and creating the routes
Creating a TUN device on both systems:
ssh -w 0:0 -i /root/.ssh/id_rsa-vpn router2
Configure the network devices and add default routes on both systems like this:
Router 1:
modprobe tun
ifconfig tun0 up
ifconfig tun0 192.168.100.31 pointopoint 192.168.100.32 netmask 255.255.255.0
route add -net 192.168.33.0 netmask 255.255.255.0 gw 192.168.100.32 tun0
echo "1" > /proc/sys/net/ipv4/ip_forward
Router 2:
modprobe tun
ifconfig tun0 up
ifconfig tun0 192.168.100.32 pointopoint 192.168.100.31 netmask 255.255.255.0
route add -net 10.0.0.0 netmask 255.255.255.0 gw 192.168.100.31 tun0
echo "1" > /proc/sys/net/ipv4/ip_forward
Step 5: Test the connection
SSH is a wonderfully flexible and versatile program, and it has built-in support for creating a secure VPN. The idea is that all traffic from the “green network” to the “yellow network” is routed through the remote server over a secure VPN link. We will use Wireshark to test this.
Test 1: Ping the desktop with IP 192.168.33.2 (yellow network) from the mail server with IP 10.0.0.3 (green network).
Test 2: Try to access a webpage running on the server with IP 10.0.0.2 (green network) from the desktop with IP 192.168.33.2 (yellow network).
In both tests we should see only encrypted packets, as displayed in the picture below.
Step 6: Create your own script to start the tunnel automatically
There are other ways to set up SSH-based point to point connections and to automate the process, but we will leave these as an exercise for the reader. If you haven’t a clue how to start, download for example these files and try to adjust them for your favourite distribution.
ftp://ftp.heise.de/pub/ct/listings/0821-170.zip
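One possible starting point for such a script, as an added example that is not part of the original article or of the heise listing: it wraps the Step 4 commands in functions, validates the addresses before they reach the root-run commands, and defaults to a dry run that only prints what it would do. The function names, the DRY_RUN variable, the script name tunnel.sh and the use of ssh -f -N and sysctl are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article.
# DRY_RUN=1 (default) prints each command; DRY_RUN=0 executes it (needs root).
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# Accept only a dotted quad with octets 0-255, so nothing else (options,
# shell metacharacters) can reach the root-run ifconfig/route commands.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# tunnel_connect KEY HOST: open tun0 on both ends, as in Step 4.
# -f and -N (assumption) put ssh in the background without a remote command.
tunnel_connect() {
    run ssh -f -N -w 0:0 -i "$1" "$2"
}

# tunnel_up LOCAL_TUN_IP PEER_TUN_IP REMOTE_NET: the per-router commands.
# sysctl -w has the same effect as: echo "1" > /proc/sys/net/ipv4/ip_forward
tunnel_up() {
    for addr in "$1" "$2" "$3"; do
        is_ipv4 "$addr" || { echo "invalid address: $addr" >&2; return 1; }
    done
    run modprobe tun &&
    run ifconfig tun0 up &&
    run ifconfig tun0 "$1" pointopoint "$2" netmask 255.255.255.0 &&
    run route add -net "$3" netmask 255.255.255.0 gw "$2" tun0 &&
    run sysctl -w net.ipv4.ip_forward=1
}

# Router 1: sh tunnel.sh /root/.ssh/id_rsa-vpn router2 \
#               192.168.100.31 192.168.100.32 192.168.33.0
# Router 2 (once the link is up): tunnel_up 192.168.100.32 192.168.100.31 10.0.0.0
if [ "$#" -eq 5 ]; then
    tunnel_connect "$1" "$2" && tunnel_up "$3" "$4" "$5"
fi
```

Run it once with the default DRY_RUN=1 and compare the printed commands with Step 4 before switching to DRY_RUN=0.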