[Openswan Users] Connecting to other machines in subnet
thecajun at nmia.com
Mon Feb 11 18:10:19 EST 2013
> What you are talking about is doable, but I need to know a little more about your setup.
> Do you still want an IPsec connection between site A and B with the SSH connection to machine C (which is at site B) inside of it?
> Or do you want the SSH connection to go directly to machine C and not be encapsulated in the IPsec tunnel?
> Is machine B the gateway for site B (and thus for machine C)? Or does machine C have its own public IP address?
Ok, let me give you the detailed setup. Both sites are behind modems,
none of the servers have real ip addresses. Site A has a hardware VPN,
this is connected to VPN server at site B (server B). I wish to connect
to port 80 on machine C (with browser). Server B does not need 80. I
need to be able to ssh into server B yet still be able to ssh into
machine C (from server B is fine). Did I leave anything out? While I
am at it. I also need iptable rules which allow vpn to work. I've been
running without iptables.
> On 02/11/2013 02:40 PM, Durwin wrote:
> > If you mean for me to get the ip addresses from tcpdump, I already know
> > them. For example. Site A machine has local ip a.a.a.a and ssh's to
> > Site B (which is running VPN) like ssh user at b.b.b.b I want it to go to
> > c.c.c.c What has me concerned is, if I forward port 22 to c.c.c.c,
> > does the machine know how to return traffic with just that one iptables
> > line? Or do I need to add another line to tell c.c.c.c how to send
> > traffic back to a.a.a.a?
> > Thank you,
> > Durwin
> >> On 11 Feb 2013, at 20:02, Durwin wrote:
> >>> I have VPN setup. Works just fine. However, it is desired to be able
> >>> to connect to a specific machine (other then the one running VPN). For
> >>> example, machine A at VPN location 1 needs to connect directly to
> >>> machine C at VPN location 2. Machine B is running VPN. Is there a way?
> >>> I am thinking iptables, but I only have a working knowlegde of it.
> >>> Thank you,
> >>> Durwin
> >>> _______________________________________________
> >>> Users at lists.openswan.org
> >>> https://lists.openswan.org/mailman/listinfo/users
> >>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> >>> Building and Integrating Virtual Private Networks with Openswan:
> >>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >> Regards
> >> Dan.
> > Durwin F. De La Rue <thecajun at nmia.com>
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
Durwin F. De La Rue <thecajun at nmia.com>
reality.sys corrupted. universe halted. reboot (y/n)?
More information about the Users