Tiny Core Linux

Tiny Core Base => TCB Q&A Forum => Topic started by: barbudor on September 16, 2011, 02:49:28 PM

Title: Using a TCL box as a VPN gateway to my home network
Post by: barbudor on September 16, 2011, 02:49:28 PM

Hello,

I am wondering if I could get a TCL box with a single Ethernet port to provide me VPN access to my home Network from outside.

My configuration is :

Code: [Select]

Internet --- DSL box with included NAT router --- Home network ---+--- TCL box
                                                                  +--- other PCs
                                                                  +--- other PCs

I was first considering OpenVPN but apprently it is not possible to use it as above : seems to me that OpenVPN requires 2 port on my box in order to insert it as a router between the DSL modem and my home network.

I cam across Hamachi.
On LogMeIn site, the latest version is Hamachi2 which do not support Linux.

I found another thread on this forum which refers to http://files.hamachi.cc/linux/ (http://files.hamachi.cc/linux/) where I can find what seems to be old versions :

Quote

   Friday, January 05, 2007  5:47 AM       344866 hamachi-0.9.9.9-20-lnx.tar.gz

Seems to be old.

I will appreciate any advice on this topic.
- Is hamachi 0.99 a good solution ? If yes, is it compatible with Hamachi2 windows clients from LogmeIN ?
- Is there a way to achieve what I want using openVPN or any other VPN software ?

Thanks in advance.

Best regards

barbudor

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: gerald_clark on September 16, 2011, 03:11:59 PM

I use OpenVPN on TCL as VPN appliance to connect two networks.
It has only one Ethernet connection.
It routes VPN traffic out through the DSL modem to the other network.

The OpenVPN docs are a must-read.

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: barbudor on September 16, 2011, 05:05:00 PM

Hi Gerald

Thanks.
Unfortunately I find ovpn docs qui hard to read  :(
Do you have any link to a tutrial that would be readable for me ?

Thanks

Regards

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: gerald_clark on September 16, 2011, 05:16:55 PM

I used the docs.

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: vitex on September 16, 2011, 05:22:29 PM

Quote from: barbudor on September 16, 2011, 02:49:28 PM

I am wondering if I could get a TCL box with a single Ethernet port to provide me VPN access to my home Network from outside.

Do you need the full capabilities of a VPN so you can access a many different services on your home system?  If you only need a few services, ssh may provide all you need.  For example, I sometimes use an ssh proxy between my netbook and my home router to protect my web browsing when I am travelling and must use unencrypted public Wi-Fi.   

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: netnomad on September 16, 2011, 05:34:53 PM

hi vitex,

i agree to your proposal.
some remarks or opinions to discuss:

ssh tunnels are easy to use and the evalutation of security is not difficult.
misconfiguration ends usually in no result, no connection.

in vpns it can happen that some network communication runs unsecured outside the vpn tunnel.
misconfiguration is not so easy to detect and can be overlooked, unnoticed.

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: barbudor on September 17, 2011, 07:53:39 AM

Hi

I am already using a ssh connection + proxy (dropbear + polipo) over port 443 which allow connection from almost everywhere as port 443 (https) is generally open and proxy-less.

But this is not where I want to go at the end.

ssh is painful as it requires to create a tunnel for each and every application (read "port") you need (one for web proxy, one for ftp, one for ...)
And it does not securely capture all my IP connection into a single tunnel.

I want all my IP traffic to be captured and sent through the tunnel to my home network. Not only accessing shared drives, but doing painless remote desktop or for all application to access Internet not directly but from my home.

That's why I am looking for a full featured VPN but expecting to find something easy to install or a t least a good tutorial.
What I found so far about OpenVPN configuration always consider 2 physical ethernet connection.

Thanks.

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: vitex on September 17, 2011, 08:37:18 AM

Quote from: barbudor on September 17, 2011, 07:53:39 AM

I want all my IP traffic to be captured and sent through the tunnel to my home network. Not only accessing shared drives, but doing painless remote desktop or for all application to access Internet not directly but from my home.

I appears that you probably do need a VPN.

A simple but limited solution is to use openssh as a SOCKS proxy (-D option) and configure torsocks http://forum.tinycorelinux.net/index.php/topic,11315.msg60020.html#msg60020 (http://forum.tinycorelinux.net/index.php/topic,11315.msg60020.html#msg60020) to use the openssh proxy instead of Tor.  Any TCP-based (but not UDP) service (with a few limitations) that you start via torsocks will be sent through an encrypted channel to your home network.

A more elegant approach is used by Tails http://tails.boum.org/about/index.en.html]([url]http://tails.boum.org/about/index.en.html (http://([url))[/url], a Debian-based live CD / USB system that provides protection by using a firewall to route all network connections through the Tor network.  Combining a firewall similar to theirs with an openssh SOCKS proxy would seem to give you what you want.

Title: Re: Using a TCL box as a VPN gateway to my home network
Post by: gerald_clark on September 17, 2011, 10:42:28 AM

The second ethernet connection can be an alias on eth0:0 ( The same interface ).