openvpn help

[aus-city]

I installed openvpn via plesk

I want to use the tunnel to http traffic via the tunnel

Any idea's how to get this working properly?

I can ping 172.16.0.1 (with a 300ms delay that is about right as its in the US) and can ping 172.16.0.1 with a 0 delay as itsa here.

How the heck can I pipe firefox traffic through this?

I tried changing my gateway and it did not work.

I really would like just to specify specific websites.

--- 172.16.0.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.039/0.039/0.039/0.000 ms

PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.
64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=376 ms

--- 172.16.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 376ms
rtt min/avg/max/mdev = 376.236/376.236/376.236/0.000 ms


Thanks

[faris]

There's actually an easier way to do this. Use FoxyProxy in Firefox and use an SSH Tunnel via Putty. It "just works" once you've figured out how to config Putty.

Anyway, with OpenVPN, there's more to getting "out" of the server you are connected to that meets the eye I'm afraid. It is down to routing and NAT. I don't recall the details, but I think there are some configuration changes you need to make to the OpenVPN config as well as setting up something with iptables NAT? I really don't remember. I quite fancy having a go again at some point. If I do I'll make notes of what I did and let you know. But for now, I'd suggest going the FoxyProxy/SSH Tunnel way as it is quite easy.

Faris.

[aus-city]

That sounds much better!

How do you set it up?

Its just linux machine to linux machine.

[faris]

It is very very very easy. No config is necessary on your server (other than POSSIBLY opening some ports on the firewall but this is usually not needed)

Start here for some basic examples with pictures:

http://oldsite.precedence.co.uk/nc/putty.html

http://www.amtp.cam.ac.uk/user/jp107/xp ... eb-tunnel/

Essentially, when you are done, putty will be listening on some ports on your local machine (port numbers will be whatever you have set up when configuring putty to do the tunneling). Lets say you used 880 for http. To get Firefox to use the tunnel to connect to the internet, tell it to use a proxy, port 880. The easiest way to do this is to use the FoxyProxy plug in, which will let you switch between that and "normal" configurations with the push of a button or two.

Note that DNS and anything else will still work as normal - not through the tunnel.

But you can set up extra redirects to tunnel pop3, smtp and whatever else you want to all go through the ssh tunnel.

More difficult to deal with, potentially, are the DNS lookups. However, as this is Linux to Linux rather than Windows to Linux, I think it will not be too difficult.

I know this isn't as much info as you might like, but I hope it gives you some pointers at any rate.

The keywords to search for on google are "ssh tunnel putty" -- and maybe add "dns" and "socks" and "firefox" or something.

Faris.

[faris]

Oh. One tip. When I used ssh tunnels with putty on Ubuntu, it was necessary to run putty as root, not as a normal user. There were no errors when running as a normal user but it just didn't work. It took me ages to work out what was going on.

Given that the same probably applies to any distribution since opening ports and whatnot probably requires root privs, this is something to think about then you start trying to get it to work.

Faris.

[scott]

That might be because you're trying to bind to a privileged port (below 1024)