A few small projects in mind...

Postby theTick197 » Thu Oct 25, 2007 9:41 pm

Me and a friend of mine want to build a VPN for our houses. How do I need to go about doing that? Do I need a server for it?

Oh yes, and I'm trying to set my computer up so that I can ssh into it from another computer, not a local one, but one that's like at my other house or at school. What do I need to do to accomplish that and for it to be secure? I already have it set up where I can do that with a computer on the LAN.

I am not an expert...

Postby Davemon » Tue Oct 30, 2007 2:01 am

But I think we need to know a little more about your network topography. How many computers, and where you want to connect to/from.

I do believe there are many utilities/modules that allow VPN.

I know it's been a little while, but post what you want and let's see if we can get some answers for you.



Davemon

Postby theTick197 » Tue Oct 30, 2007 10:17 pm

OK, the VPN for me and my friend - we live in opposite ends of Aledo. I want to make it so that our two computers are connected and our Xboxes also.

SSH setup - I would like to connect to my computer at my mom's house (in Aledo) from the computer at my dad's house (Weatherford). The network I have set up in Aledo has 2 PCs, an Xbox, a PS3 that has Ubuntu on it, and a Sega Dreamcast.

Postby Terry » Tue Nov 13, 2007 10:37 am

If you have outside IP addresses on each of these locations, your goals will be feasible; if not, it will not be possible. In other words, it will depend on the type of Internet connections you have. You also have to make provision / allowances for PPPoE or DHCP type connections if you have either of those.

Also, if there are routers, they will need to be configured to pass the appropriate ports and services to the target PCs. Oftentimes, the Internet service provider will provide a modem / router that will not facilitate port forwarding - SBC.YAHOO is one such provider and they normally use a PPPoE login procedure. If you have SBC.YAHOO and one of these DSL modem / routers, you will need to disable the PPPoE login function and place it in bridge mode only, and I'm assuming the device is configurable in that capacity, but if not, you will need to replace it with a modem that does allow straight-through bridge mode. Once you get that done, then you need to configure your PC to do the PPPoE login process for you, or have your VPN server do it for you.

At this point, I would suggest an IPCop firewall server, which has VPN net-to-net service settings along with all sorts of port forwarding capabilities which are very easy to implement. You will have a much easier time of it if you build an IPCop [or Shorewall] box and set it up to do the PPPoE login for you - if you have more than one computer to connect to the internet, just place a hub or switch between IPCop's GREEN interface and your inside PCs, enable VPN to the desired computer and SSH port forwarding (port 22), etc. etc. IPCop [or Shorewall] is ideal for this sort of thing.
You'll find some good information in IPCop's administration manual, http://www.ipcop.org/1.4.0/en/admin/html/
Here is VPN specific info: http://www.ipcop.org/1.4.0/en/admin/html/vpnaw.html

Hope this helps,
Work through some of these issues and let us know if there's anything we can help with.
Registered Linux User 188099
<><

Postby Terry » Sun Nov 18, 2007 10:28 pm

Terry wrote: If you have outside IP addresses on each of these locations, your goals will be feasible; if not, it will not be possible. In other words, it will depend on the type of Internet connections you have. You also have to make provision / allowances for PPPoE or DHCP type connections if you have either of those.

Also, if there are routers, they will need to be configured to pass the appropriate ports and services to the target PCs. Oftentimes, the Internet service provider will provide a modem / router that will not facilitate port forwarding - SBC.YAHOO is one such provider and they normally use a PPPoE login procedure. If you have SBC.YAHOO and one of these DSL modem / routers, you will need to disable the PPPoE login function and place it in bridge mode only,

I stand corrected. Just checked on my cousin's SpeedStream4100 and it does, in fact, have provisions for port forwarding.
See:
http://www.finestplanet.com/downloads/SS4100manual.pdf

At this point, I would suggest an IPCop firewall server, which has VPN net-to-net service settings along with all sorts of port forwarding capabilities which are very easy to implement. You will have a much easier time of it if you build an IPCop [or Shorewall] box and set it up to do the PPPoE login for you - if you have more than one computer to connect to the internet, just place a hub or switch between IPCop's GREEN interface and your inside PCs, enable VPN to the desired computer and SSH port forwarding (port 22), etc. etc. IPCop [or Shorewall] is ideal for this sort of thing.
You'll find some good information in IPCop's administration manual, http://www.ipcop.org/1.4.0/en/admin/html/
Here is VPN specific info: http://www.ipcop.org/1.4.0/en/admin/html/vpnaw.html

Hope this helps,
Work through some of these issues and let us know if there's anything we can help with.
Registered Linux User 188099
<><
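
Forwarding port 22 as suggested in the posts above makes the target PC's sshd reachable from the whole internet, so the check below flags the settings that matter for the "secure" part of the question. It is an added example, not part of the original posts; the sample settings and the account name are constructed.

```shell
# Added example: check effective sshd settings before forwarding port 22.
# Input format is that of `sshd -T`: one lowercase "keyword value" per line.

# Reads settings on stdin, prints one "WEAK keyword: reason" line per
# finding, and returns non-zero if anything was flagged.
audit_sshd() {
    awk '
        NF >= 2 { seen[tolower($1)] = tolower($2) }
        function weak(k, why) { printf "WEAK %s: %s\n", k, why; n++ }
        END {
            # A missing keyword counts as "not explicitly disabled".
            if (seen["passwordauthentication"] != "no")
                weak("passwordauthentication", "password guessing possible; use keys only")
            if (seen["pubkeyauthentication"] == "no")
                weak("pubkeyauthentication", "key logins are disabled")
            if (seen["permitrootlogin"] != "no")
                weak("permitrootlogin", "root can log in directly")
            if (seen["permitemptypasswords"] == "yes")
                weak("permitemptypasswords", "empty passwords accepted")
            if (!("allowusers" in seen) && !("allowgroups" in seen))
                weak("allowusers", "no allow-list; every local account is a target")
            exit (n > 0)
        }
    '
}

# Constructed sample: permissive settings.
sample_permissive() {
    cat <<'EOF'
permitrootlogin yes
pubkeyauthentication yes
passwordauthentication yes
permitemptypasswords no
EOF
}

# Constructed sample: key-only login for one account (name is made up).
sample_hardened() {
    cat <<'EOF'
permitrootlogin no
pubkeyauthentication yes
passwordauthentication no
permitemptypasswords no
allowusers thetick
EOF
}

echo "== permissive =="; sample_permissive | audit_sshd || true
echo "== hardened ==";   sample_hardened | audit_sshd && echo "no findings"
```

On a real machine, pipe the output of `sshd -T` (run as root) into `audit_sshd` instead of the samples, and open the port forward only once it reports nothing.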