[plug] clients "phone home" to server. VPN maybe?

Tim weirdit at gmail.com
Sat May 2 12:30:48 WST 2009


I currently administer a server in South Africa, that "phones home"
using autossh and (ssh)port forwarding (due to it being behind a NAT
at the ISP so port forwarding a public ip address isn't possible). But
now I need to start expanding the servers that call home from various
locations. The issue is rather obvious, they can't all SSH in to my
server and reverse port forward the same port to themselves. The first
machine gets the port, the rest miss out. I could of course make sure
they all call home to a different port, but then I have to manually
ssh back into each machine (via it's reverse port forward) before I
can access any resources on it.

So from some basic reading, I THINK a VPN will do what I need.
Essentially I need a virtual network that each machine calls into, and
is assigned a virtual ip address on (probably static so I can identify
each machine) the virtual network, but be able to access the virtual
network from my server. The server is also behind a NAT, but can port
forward from the public ip address easily.

So in a basic form
Servers Public IP Address --> Private IP address, i.e. 192.168.0.1
Virtual Private network on Server, 10.10.10.0/24, with server virtual
ip of 10.10.10.1
Each client "phones" in from some random ip in the world, probably
natted, to the servers public ip which is translated to it's private
ip 192.168.0.1, and is connected to the virtual network 10.10.10.0/24
and assigned an ip (i.e. like DHCP).
>From the server, I can access each client, and all services running on
the client, with it's virtual ip, e.g. 10.10.10.2 and 10.10.10.3 and
10.10.10.4

Can someone inform me if a VPN will do what I want, or if there is
another solution? All machines are running Linux, and I have full
control of the software going on the client machines (as it's a custom
distribution I'm building, based on Ubuntu 8.10)

Thanks

Tim
p.s. I am in the process of reading up on VPN's, but there seems to be
lots of different kinds of VPN so I'm a little confused and lost


-- 
Timothy White - Somewhere in Australia



More information about the plug mailing list