[plug] clients "phone home" to server. VPN maybe?

Jon L. Miller jlmiller at mmtnetworks.com.au
Sat May 2 16:36:46 WST 2009


Sounds like you need a Hub and Spoke VPN that can handle multiple
connections at the same time. I do the static addressing so I know who is
on, my setups are always on and it's router to router endpoints not router
to server or server to server.

J


On Sat, May 2, 2009 12:30, Tim wrote:
> I currently administer a server in South Africa, that "phones home"
> using autossh and (ssh)port forwarding (due to it being behind a NAT
> at the ISP so port forwarding a public ip address isn't possible). But
> now I need to start expanding the servers that call home from various
> locations. The issue is rather obvious, they can't all SSH in to my
> server and reverse port forward the same port to themselves. The first
> machine gets the port, the rest miss out. I could of course make sure
> they all call home to a different port, but then I have to manually
> ssh back into each machine (via it's reverse port forward) before I
> can access any resources on it.
>
> So from some basic reading, I THINK a VPN will do what I need.
> Essentially I need a virtual network that each machine calls into, and
> is assigned a virtual ip address on (probably static so I can identify
> each machine) the virtual network, but be able to access the virtual
> network from my server. The server is also behind a NAT, but can port
> forward from the public ip address easily.
>
> So in a basic form
> Servers Public IP Address --> Private IP address, i.e. 192.168.0.1
> Virtual Private network on Server, 10.10.10.0/24, with server virtual
> ip of 10.10.10.1
> Each client "phones" in from some random ip in the world, probably
> natted, to the servers public ip which is translated to it's private
> ip 192.168.0.1, and is connected to the virtual network 10.10.10.0/24
> and assigned an ip (i.e. like DHCP).
>>From the server, I can access each client, and all services running on
> the client, with it's virtual ip, e.g. 10.10.10.2 and 10.10.10.3 and
> 10.10.10.4
>
> Can someone inform me if a VPN will do what I want, or if there is
> another solution? All machines are running Linux, and I have full
> control of the software going on the client machines (as it's a custom
> distribution I'm building, based on Ubuntu 8.10)
>
> Thanks
>
> Tim
> p.s. I am in the process of reading up on VPN's, but there seems to be
> lots of different kinds of VPN so I'm a little confused and lost
>
>
> --
> Timothy White - Somewhere in Australia
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>


-- 
Regards,

-----------------------------
Jon L. Miller MCNE CNE CCNA
East Perth, WA 6004
WA, Australia
--------------------------------




More information about the plug mailing list