Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

vpn/tunnel
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

vpn/tunnel

itrmikeitrmike Member
in Help

Has anyone got an effective method of using a server as a firewall / tunnel / vpn to mask another server completely? I.e. All requests are passed through the ip/network of server 1 and routed to the ip:port of server 2?

Comments

  • Awmusic12635Awmusic12635 Member, Host Rep

    GRE tunnel?

  • itrmikeitrmike Member
    edited January 2014

    Could you expand upon the compatibility a bit please. e.g. would I be able to run services on the ip:port of server 1 from server 2?
    Also do you have a tutorial which I can look at somewhere? (Preferably on Debian).
    I'm guessing DDoS protection providers such as BL and Staminus use GRE Tunnels?

  • BuyCPanel_AlexBuyCPanel_Alex Member
    edited January 2014

    Well on windows I've got it to work great via ssh tunneling. You go to internet properties and set up a new LAN connection and set up a local ssh tunnel (with putty) to the server you want to use to mask yourself with. Then connect those two together and you're fully masked!

  • Mark_RMark_R Member

    if you need to setup a GRE Tunnel this could help you out

    http://wiki.buyvm.net/doku.php/gre_tunnel

  • itrmikeitrmike Member

    Hmm, > @Mark_R said:

    if you need to setup a GRE Tunnel this could help you out

    http://wiki.buyvm.net/doku.php/gre_tunnel

    Thanks for the great guide Mark, just what I was looking for!

  • itrmikeitrmike Member

    Dayum, just realised it won't work with any openvz vps'es I have. Are there any other methods of setting up a tunnel similar to GRE that will support openvz?

  • ironhideironhide Member

    this one can help i guess
    http://board.prometeus.net/viewtopic.php?f=8&t=15&sid=9739935b91da0e5d0021d16e7c550e4f

  • Mark_RMark_R Member

    @ironhide said:
    this one can help i guess
    http://board.prometeus.net/viewtopic.php?f=8&t=15&sid=9739935b91da0e5d0021d16e7c550e4f

    can you create a GRE-Like tunnel using pptpd?

  • ironhideironhide Member

    Mark_R said: can you create a GRE-Like tunnel using pptpd?

    Sorry I don't know, I thought OP was looking for standard VPN instructions.

  • pkr5770pkr5770 Member
    edited January 2014

    sysctl net.ipv4.ip_forward=1;iptables -t nat -A PREROUTING -p tcp --dport xx -j DNAT --to-destination xx:xx;iptables -t nat -A POSTROUTING -j SNAT --to-source xx;service iptables save; service iptables restart

    tcp or udp

    dport (port on the reverse proxy)

    destination: ip/port you want to proxy the connection to

    source: ip of the proxy server

  • itrmikeitrmike Member
    edited January 2014

    @pkr5770 said:
    sysctl net.ipv4.ip_forward=1;iptables -t nat -A PREROUTING -p tcp --dport xx -j DNAT --to-destination xx:xx;iptables -t nat -A POSTROUTING -j SNAT --to-source xx;service iptables save; service iptables restart

    tcp or udp

    dport (port on the reverse proxy)

    destination: ip/port you want to proxy the connection to

    source: ip of the proxy server

    Surely that's missing the creation of the tunnel?

  • pkr5770pkr5770 Member

    @itrmike said:
    Surely that's missing the creation of the tunnel?

    This method doesn't use tunnels or extra software, just those commands should be enough then you can repeat iptables -t nat -A PREROUTING -p tcp --dport xx -j DNAT --to-destination xx:xx; to add extra reverse proxies, I use it for certain things because my internet connection uses something called CNAT so I time-out of certain servers every 30seconds, so I do this to use another vps as a middleman, it works on all applications it conceals the identity of the end server, test it and you will see

Sign In or Register to comment.