Date: Tue, 3 Feb 2004 08:29:39 +0200 From: "Willie Viljoen" <will@unfoldings.net> To: "Tuc at the Beach House" <tuc@tucs-beachin-obx-house.com>, <freebsd-net@freebsd.org> Cc: tuc@ttsg.com Subject: Re: Whats the best solution? Message-ID: <004a01c3ea1f$1a34cea0$0a00a8c0@arista> References: <200402030225.i132Pfax071987@vjofn.tucs-beachin-obx-house.com>
next in thread | previous in thread | raw e-mail | index | archive | help
SSH :-) Have a look at the ssh(1) manpage. The port forwarding should be able to do what you are looking for. Also, to get the authentication to be automatic, set up your SSH to use public keys, and use a passphraseless public key on your laptop. This will let it automatically log in and set up the tunnel. You can then tunnel any TCP traffic through a secure channel to your server. This is all described in the man page. For DNS, use the IP address of the server you plan to use for the other end of the tunnel. As long as you open only UDP port 53 and configure it sensibly, there should be no security risk to running a DNS that accepts from any IP, all proper DNS servers need to do this anyway. This way, you can run your own DNS, and possibly even put in some private DNS tricks to make working with the tunnel easier. Will ----- Original Message ----- From: "Tuc at the Beach House" <tuc@tucs-beachin-obx-house.com> To: <freebsd-net@freebsd.org> Cc: <tuc@ttsg.com> Sent: Tuesday, February 03, 2004 4:25 AM Subject: Whats the best solution? > Hi, > > HELP! Whew, ok, felt good to get that out. > > Heres my problem, I'd like to know what people feel would be the > best solution. > > I travel alot. When I do I bring a Wireless AP, and an Asante > Firewall. Normally I plug the Asante into the ethernet connection at > the hotel, and the WAP into the Asante. > > Some places I run into problem with their web proxy. Almost > all places I have a hell of a time with DNS. When I have DNS issues, the > machine just does not like it. > > I want to be able to set something up where I can tunnel to a > dedicated private server I have on the global internet, and route all > my traffic through it. I want it to be the default route, and once they > hit my end server, they then can be forwarded over the rest of the global > internet. > > I need to be able to have the client be on dynamic IPs. I need some > sort of an authentication. And most of all, something easy to debug would > help. > > Any ideas, thoughts, suggestions, etc? > > Thanks, Tuc/TTSG Internet Services, Inc. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004a01c3ea1f$1a34cea0$0a00a8c0>