I have a similar setup (albeit on my flat server rather than a VPS);
but would highly recommend L2TP over IPSEC (which has built-in clients
on Windows, OSX and iPhone).
It did involve some hackery, but followed generally this blog post.
https://www.hitzemann.org/ttb/?p=14
I've found the NAT support is much better than my previous attempts
with PPTP/GRE.
IP routing wise; as connections are routed rather than proxied you do
need to enable ip_forward [1] and SNAT from the VPN IPs to your
external IP
~Mat
--
1 - echo 1 > /proc/sys/net/ipv4/ip_forward
On 27 February 2011 00:00, Paul Lewis <bitfolk(a)pjlewis.org> wrote:
Paul,
I was doing this very same thing when I was in China over Christmas, so I could access
blocked sites from my iPhone/iPad whilst out there. I found that I had to set up squid to
run on my VPS, and then configure the VPN client on my iPhone/iPad to 'autoconfigure
httpd proxy' - I remember following a guide to get it up and running, but I'm
afraid I don't remember the URL or anything. Maybe try googling for something like
'vpn squid proxy linux'.
Good luck!
Paul
On 25 Feb 2011, at 13:04, Andy Loughran wrote:
> Paul,
>
> I've not set up OpenVPN in the way you intend to use it, but I guess
> essentially you want to VPN to your server, then masquerade as that
> server IP to access other sites and pull them down to your machine.
>
> I tend to use ssh for that (ssh -D 2345 $servername) - and then set up
> my network to connect via a socks v5 proxy, specifying the address as
> localhost:2345.
>
> If you've only set up access for your OpenVPN client, then you can get
> ssh to listen on the OpenVPN port to get round this.
>
> Regards,
>
> Andy
>
> On 25 February 2011 12:06, <paul(a)stimpsonfamily.co.uk> wrote:
>>
>>
>> Hi,
>>
>> I'm going on a foreign trip to somewhere the only network available will be
>> firewalled and behind an HTTP proxy so I'm trying to set up a VPN on my VPS so I can
>> get "proper" Internet. Don't worry about the permission-to-vpn-out; I've
>> dealt with that.
>>
>> I used to have a bridged VPN set up at home that let me join my home network.
>> That worked fine but since I don't own a subnet at Bitfolk I don't think I can use
>> that configuration here.
>>
>> I've installed OpenVPN and set it up for a routed network. The client
>> connects fine to the server on the VPS and gets a ten-dot address from it. I can ping the
>> .1 address from the ten-dot range and the other interfaces on the VPS.
>>
>> I've got no connectivity to the outside world. My VPS has 2 IP addresses on
>> eth0 and eth0:1. I think I need to NAT the eth0:1 address so it can be used by the client
>> as an Internet connection. I've tried the advice from a couple of online guides but I
>> can't get it to work.
>>
>> I may have to travel as early as tomorrow so I'm running out of time for
>> random experimentation. Can anyone give me some pointers on how to make this setup
>> functional please?
>>
>> Thanks,
>> Paul.
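
The ip_forward plus SNAT setup described in the top reply, applied to the routed ten-dot network and the eth0/eth0:1 addresses from the original question, as an added example that is not from any poster in the thread. The subnet 10.8.0.0/24, the interface tun0 and the address 192.0.2.10 are assumed placeholder values; the FORWARD rules are an addition that limits forwarding to the VPN subnet.

```shell
#!/bin/sh
# Added example: build the forwarding + SNAT rules for a routed VPN.
# Assumed values (not from the thread): 10.8.0.0/24, tun0, 192.0.2.10.

# iptables matches real devices only. An alias label such as eth0:1 is just a
# second address on eth0, so strip the label and pin the address with
# --to-source instead of trying to match "-o eth0:1".
base_if() { printf '%s\n' "${1%%:*}"; }

# Emit the commands one per line so they can be reviewed before being applied.
# Arguments: VPN subnet (CIDR), VPN interface, external interface, external IP.
vpn_nat_rules() {
    vpn_net=$1
    vpn_if=$2
    ext_if=$(base_if "$3")
    ext_ip=$4
    case $vpn_net in
        */*) ;;
        *) echo "vpn_net must be CIDR, e.g. 10.8.0.0/24" >&2; return 1 ;;
    esac
    case $ext_ip in
        ''|*[!0-9.]*) echo "ext_ip must be an IPv4 address" >&2; return 1 ;;
    esac
    # Same effect as: echo 1 > /proc/sys/net/ipv4/ip_forward
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Forward only VPN-sourced traffic out, and only reply traffic back in.
    echo "iptables -A FORWARD -i $vpn_if -o $ext_if -s $vpn_net -j ACCEPT"
    echo "iptables -A FORWARD -i $ext_if -o $vpn_if -d $vpn_net -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Rewrite the source of VPN traffic to the chosen external address.
    echo "iptables -t nat -A POSTROUTING -s $vpn_net -o $ext_if -j SNAT --to-source $ext_ip"
}

# Apply only when asked explicitly (as root): sh vpn-nat.sh apply
if [ "${1:-}" = apply ]; then
    vpn_nat_rules 10.8.0.0/24 tun0 eth0:1 192.0.2.10 | sh -e
fi
```

Run without arguments it changes nothing; calling `vpn_nat_rules` prints the commands for review.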