Jump to content
Not connected, Your IP: 3.138.124.123
Sign in to follow this  
kgc

Suggestion: Double VPN with SSH-tunnel

Recommended Posts

Posted ... (edited)

Now you recommend create SSH tunnel with this script:

Quote

chmod 600 sshtunnel.key
while :
do
echo ""; echo "AirVPN SSH Tunnel"
ssh -i sshtunnel.key -L 1412:127.0.0.1:2019 sshtunnel@100.100.100.100 -p 22 -N -T -v
read -t 5 -p "Retry? (or wait 5 sec for Y)" yn
if [[ $yn == "n" || $yn == "N" ]]; then break; fi
done

where 100.100.100.100 - IP-address of your server.

Then customer need launch openvpn with config with these lines:
Quote

remote 127.0.0.1 1412
route 100.100.100.100 255.255.255.255 net_gateway





I tried create SSH tunnel with other script:
Quote

chmod 600 sshtunnel.key
while :
do
echo ""; echo "AirVPN SSH Tunnel"
ssh -i sshtunnel.key -L 1412:200.200.200.200:2019 sshtunnel@100.100.100.100 -p 22 -N -T -v
read -t 5 -p "Retry? (or wait 5 sec for Y)" yn
if [[ $yn == "n" || $yn == "N" ]]; then break; fi
done

where 200.200.200.200 - IP-address of other your server.

And then launch openvpn with the same config:
Quote

remote 127.0.0.1 1412
route 100.100.100.100 255.255.255.255 net_gateway

But tun0 is not created.

Log of ssh contains this line:
Quote

channel 2: open failed: administratively prohibited: open failed


Also I tried change port from 2019 to 2018 with the same result.
(2019 is port for OpenVPN inside SSH, 2018 is port for clear OpenVPN).

I think you do not allow such connections.
If you will allow such connections customers will create double VPN like that:
Customer <------------------------> 100.100.100.100 <------------------------> 200.200.200.200 <------------------------> Internet
                     SSH+OpenVPN                                       OpenVPN Edited ... by kgc

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...