Tunneling a protocol over ssh

Ed Robbins ed at erobbins.com
Wed Nov 5 00:08:53 EST 2003 

Here ya go, I do the exact same thing.  I build an ssh tunnel from work 
to my home and it is very seemless, once you figure out the routing.

/usr/sbin/pppd proxyarp noauth pty "ssh home -p 22 -C -2 '/usr/sbin/pppd 
proxyarp notty noauth 192.168.100.20:192.168.100.21'" 
192.168.100.21:192.168.100.20

Once the connection is made, I have a script that takes care of the 
routing for me.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 echo 1 > /proc/sys/net/ipv4/ip_forward

So my home network is 192.168.1.x, which isn't used in our network.  
This routing will handle it:

route add -net 192.168.1.0/24 gw 192.168.100.21

The ssh tunnel machine has an IP of 192.168.117.92 so this route on a 
client, other than the ssh machine, will get the packet to my home network.

route add -net 192.168.1.0/24 gw 192.168.117.92

Ed

Chris wrote:

>I have a problem at work because they have turned off nearly all our
>ports outgoing as well as incoming....
>
>what I would like to do is this...
>
>
>HOME
>
>Linux box running a vncserver
>
>           |
>           |
>           |
>
>CABLE MODEM
>
>           |
>           |
>           |
>
>Firewall at work
>
>           |
>           |
>           |
>
>My Win2k desktop system at work
>running a VNCviewer
>
>I also have some Linux and Solaris systems which I can use...
>
>What I would like to do is set up an ssh tunnel so that I can view my
>Linux system at home which
>
>so my thinking is that I should be able to use one of the *nix boxes to
>tunnel the VNC connection via ssh over port 22
>
>what commands on the Linux/Solaris boxes do I need to use to do that,
>also do I need to run some command on my Linux box at home to complete
>the connection
>
>I have been able to view my Home Win2k system on my work 2k system using
>a tunnel via putty, so I know it is possible... and I just redirect a
>port on my Home Linux system to my home Win2K box.
>
>Thanks
>
>Chris
>
>
>_______________________________________________
>gnhlug-discuss mailing list
>gnhlug-discuss at mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
>
>  
>

More information about the gnhlug-discuss mailing list