Tzafrir Cohen wrote:
> On Fri, Jan 02, 2009 at 11:20:28AM +0200, Jabka Atu wrote:
>
>> Howdy ,
>>
>> I used to ssh tunnel's to overcome NAT problems and just for fun.
>> One of the thins is to do ssh -L portonmypc:NATip:NATport
>> u...@sshserverinfrontofnat
>> This will bring the abiulty to use most of things.
>>
>> The question is there a way to connect this kind of tunnel to fakeip ?
>> for example something in type of :
>> /etc/hosts
>> ip:port natedpc.somedomain natedpc
>>
>> so you can use your laptop (pc ) without further edittions.
>> what i mean is that if i used (
>> https://help.ubuntu.com/community/SSH_VPN ) type i would need to set it
>> on two or more pc the tun devices , but i wish to do all the settings on
>> one pc.
>>
>
> I'm not sure I understand what it is the problem you're trying to solve.
>
> If you want a permanent tunnel and one of the parties has a permanent
> name, I'd go for openvpn instead.
>
>
Ok ,
I wish to connect to NATed application without altering the clients:
the only tool i can use is ssh (this is the only server side application
that i can use);
I can't use tun on the server (AFIAK).
for example let say that i have a dns server on a private net (
10.10.0.1) and i have the www ip (firewall) 1.2.3.4
and i wish to use this dns i understand that it should be done using tun.
next i could create a new route using tun (or anything like it) to
1.2.3.4 :
tun0 will has an aceptable ip or any other way it can work inside the
other private net.
so if tun0 is the tunnel :
# route add -host 10.10.0.1 dev tun0
so i would add nameserver 10.10.0.1
and could search in the dns.
next i wish to use build server (that has ssh ) 10.10.0.2
so simple route :
# route add -host 10.10.0.2 dev tun0
etc ...
by this i can work without any extra settings on the servers.
--
---==== Jabka Atu ===---
bsh83.blogspot.com
---=== Encryption is a way of life ===---
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
