[geeks] SSH Forwarding a non-local server / OpenVPN

Mark Benson md.benson at gmail.com
Mon Jun 8 10:08:32 CDT 2015


It's the quality of the hardware as well as the firmware that worries
me about TP-Link. We had one of their WiFi APs at home an eventually
just gave up and replaced it as it kept randomly giving up on us :3

On Mon, Jun 8, 2015 at 3:26 PM, Jonathan Katz <jon at jonworld.com> wrote:
> There are windows-based SSH daemons which you can tweak to be fairly
> solid so you won't have shell access. I of course forgot the name of
> the product, but I can dig it up.
>
> You can set it up so it is only accessible if there is a public key
> which corresponds to a client private key on the client, so no matter
> who connects, it won't work unless it's the specific client.
>
> Don't disparrage the horrible TP-Link option. I bought a newer TP-Link
> and threw dd-wrt on it, which is full OpenVPN/enterprise capable and
> it works great.
>
> On Mon, Jun 8, 2015 at 4:22 PM, Mark Benson <md.benson at gmail.com> wrote:
>> Hi,
>>
>> You recall I asked last week about VPN/SSH options with a non-VPN
>> router. I decided to explore SSH tunneling and can find plenty of
>> information on setting up tunnels to remote *nix machines which is
>> grand, by the end of the year our whole system will be Linux based so
>> nothing to worry about here. However there is a short-term fly in the
>> ointment. Our production systems currently run on a Windows Server box
>> (I am slowly attempting to migrate it to a Linux VM but I keep getting
>> other stuff land on my plate). I can't SSH into the box (I dare not
>> expose any ports on an old Windows Server anyway!) as it has no SSH.
>>
>> I only need access to port 80 on it. Is there any way to forward it's
>> port 80 to a point on Linux VM/server I can SSH forward? Is this a
>> nightmare that's more effort than it's worth?
>>
>> Alternatively, does anyone have a good tutorial/hardware platform
>> recommendation for building a robust OpenVPN to make a router that
>> will take a WAN connection and route Internet traffic in to the LAN
>> (any outgoing, plus selected in incoming) and offer a VPN gateway to
>> connect to the LAN from a remote point also? Or does an affordable
>> version of this exist to buy that's not by someone horrible like
>> TP-Link? :)
>>
>> Thanks, as always, for any help,
>>
>> --
>>
>> Mark Benson
>> _______________________________________________
>> GEEKS:  http://www.sunhelp.org/mailman/listinfo/geeks
>
>
>
> --
> -Jon
> +32 0 486 260 686
> _______________________________________________
> GEEKS:  http://www.sunhelp.org/mailman/listinfo/geeks


More information about the geeks mailing list