... from Elms Village (Belfast) The Elms Village network is too much firewalled. First of all, it's password protected with a captive portal called BlueSocket. Then, when you are finally connected, you have only a few ports available. And when I say a few, I'm saying a few: 21, 80 and 443. Great, isn't it? So when I arrived here I was really fucked because I couldn't connect to my loved trinity at home via SSH. Another thing is that we have a public IP address, but is not reachable being behind the firewall. The good point was that at the computer rooms of the University buildings, the SSH port is open. But it was not enough, I want to connect to IRC, Jabber, checkout from SVN, ... from home!. The solution was something like the following: 1. map the ADSL router public port #21/tcp to the trinity's 22/tcp one 2. do a SSH tunnel from my computer to my home server, using the 21/tcp 3. install OpenVPN and configure it to connect via the SSH tunnel 4. install a SOCKS proxy on trinity for use it with the "forbidden" apps That's the solution that is now working, but it can be improved in some points. The SSH tunnel is not really needed. Instead, we can map the public 21/udp to the 1194/udp of trinity and start the OpenVPN server. Then, config the client to connect to the 21/udp instead of the default 1194/udp. Why I have the SSH then? Because my first idea was to use only the SSH tunnel, but it was not enough. And for change the DNAT configuration of my ADSL router I need someone on my LAN and it's more difficult. So as I already have the tunnel, I built the OpenVPN over it. Now, when I use apps that cannot go out Internet through the Elms Village network (IRC, Jabber, SVN, ...), I configure it to use the SOCKS proxy of trinity with the IP address corresponding to the VPN interface. And now I have a real Internet connection... not just for browsing!
If you liked this post, you can donate using Bitcoin 12jVrWkk5S6x5hEizThZwgTx59KxaDdK4C