install vtun
Download the vtun installation rpms (for centos)
wget http://mirror.optusnet.com.au/dag/redhat/el4/en/i386/dag/RPMS/lzo-1.08-4.2.el4.rf.i386.rpm
wget http://mirror.optusnet.com.au/dag/redhat/el4/en/i386/dag/RPMS/vtun-2.6-0.2.el4.rf.i386.rpm
# rpm -ivh lzo-1.08-4.2.el4.rf.i386.rpm
# rpm -ivh vtun-2.6-0.2.el4.rf.i386.rpm
/etc/vtund.conf on client
options {
port 5002; # Connect to this port.
timeout 60; # General timeout
# Path to various programs
ppp /usr/sbin/pppd;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipchains;
ip /sbin/ip;
}
work_to_home {
passwd password; # Password
type ether; # Ethernet tunnel
device tap1; # Device tap1
up {
# Connection is Up
# Assign IP address and netmask.
ifconfig "%% 10.1.0.2 netmask 255.255.255.0";
# Add route to net 192.168.0.0/24
route "add -net 192.168.0.0 netmask 255.255.255.0 gw 10.1.0.1";
};
down {
# Connection is Down
# Shutdown tap device
ifconfig "%% down";
};
}
/etc/vtund.conf on server
options {
port 5002; # Listen on this port.
# Syslog facility
syslog daemon;
# Path to various programs
ppp /usr/sbin/pppd;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipchains;
ip /sbin/ip;
}
# Default session options
default {
compress no; # Compression is off by default
speed 0; # By default maximum speed, NO shaping
}
work_to_home {
passwd password; # Password
type ether; # Ethernet tunnel
device tap1; # Device tap1
proto tcp; # UDP protocol
compress lzo:1; # LZO compression level 1
encrypt yes; # Encryption
stat yes; # Log connection statistic
keepalive yes; # Keep connection alive
up {
# Connection is Up
# Assign IP address
ifconfig "%% 10.1.0.1 netmask 255.255.255.0";
# Add route to net 10.2.0.0/24
route "add -net 131.242.216.0 netmask 255.255.255.0 gw 10.1.0.2";
route "add -net 203.9.184.0 netmask 255.255.255.0 gw 10.1.0.2";
# Enable masquerading for net 10.2.0.0.0/24
# firewall "-A forward -s 10.2.0.0/24 -d 0.0.0.0/0 -j MASQ";
};
down {
# Connection is Down
# Shutdown tap device.
ifconfig "%% down";
# Disable masquerading for net 10.2.0.0.0/24
# firewall "-D forward -s 10.2.0.0/24 -d 0.0.0.0/0 -j MASQ";
};
}
creating connection script for client
Some of this only needs to be done once. The last ssh command creates the sshd tunnel for vtund
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
iptables -A POSTROUTING -j MASQUERADE -t nat
vtund -n -f /etc/vtund.conf work_to_home localhost &
ssh -L 5002:localhost:5002 user@server
Subscribe to:
Post Comments (Atom)
Splitting the home network
Who wouldn't want to separate the traffic at home for security reasons. The more common ones include wireless guest and wireless users. ...
-
Broadlink now has quite a lot of integration options almost out of the box. If you enable Broadlink IHC, you can directly link it to Alexa b...
-
How to setup Fibaro home center lite (HCL) slider for virtual devices. As the Fibaro HCL does not support LUA. The question was how to upd...
-
It seems that the Fibaro HCL seems to hang every now and then. Instead of trying to restart it regularly, which doesn't really work, as ...
No comments:
Post a comment