Date: Thu, 31 Jan 2002 14:38:19 -0500 From: Bob Johnson <bob@eng.ufl.edu> To: fybar@hotmail.com Cc: questions@freebsd.org Subject: Re: more: vpn from behind firewall Message-ID: <3C599D2B.2324D9BF@eng.ufl.edu>
next in thread | raw e-mail | index | archive | help
> Date: Thu, 31 Jan 2002 05:59:10 +0000 > From: "Trevor Osatchuk" <fybar@hotmail.com> > Subject: more: vpn from behind firewall > > It has been suggested that my description was vague, so I hope this will > clarify. > > > ______ _________ ________ > |my | | firewall| |my home | > |laptop|-----| on ski |------WWW-----|firewall|--- Home Network > |______| |__hill___| |________| > > I am on vacation and am attempting to send and recieve email. Now, I can > get my email, but am having trouble sending. I want to put my laptop onto > my lan via vpn so that I can send eamil from my home account. Also, I want > to have access to my computers behind the firewall. I have been given a > 192.168.1.x ip, so I am behind a nat or proxy, not sure. Is there a way > that I can set up a vpn from where I am? Or, can I use my firewall as a > proxy? Can I set up a ssh tunnel to my firewall and then foward that port > on my firewall to the appropriate mail/news servers? > I'm not sure if you mean your laptop address is 192.168.1.x, or if that's the address of your home system. Anyway, if you can find out the IP number of your home network, AND your home firewall has been configured to accept SSH connections or pass them on to a system inside your network, then the following should get you on the right track: Since you can get email already (probably via POP3), we will ignore it for now, although we'll come back to it later. To send mail, you need to be able to make an SMTP (port 25) connection to your ISP's mail host (or your home network's host if it runs one). This is the host that your email program uses for "SMTP host" or as the outgoing mail server, or whatever they call it. Let's assume that your home network address is 116-customer-dsl.example.net (or you could use the IP number). And, let's assume that your ISP's mail host is called smtp.example.net. Then, using SSH, do something like ssh -L 25:smtp.example.net:25 116-customer-dsl.example.net on your laptop, and set your email program to use 127.0.0.1 as its SMTP host. This sets up an encrypted connection from your laptop to 116-customer-dsl.example.net and then uses it to forward any connections to port 25 on your laptop to smtp.example.net (although data moving between your home system and the smtp host will not be encrypted). You can do the same thing with port 110 (the POP3 port) and use it to read your mail so that your password and mail will be encrypted if someone is snooping on the local network where you happen to have your laptop connected. If you don't have access to your home network, ANY host that you can SSH into AND which is allowed to send mail via your ISP's SMTP host will work (e.g. a friend's system). Obviously, all of this is much easier to set up and test if you have someone sitting at your home system to figure out what IP number you need to use, and making sure the firewall is configured to allow this. If you are already on vacation, you may have to stick with using Hotmail to send your email, until you can get back home and figure out the details of how your home network is set up. Of course, there is a third, and probably easier solution: ask the people who run the network on the ski hill what you should use for your outgoing SMTP host. You aren't the only person with that problem, and they should have a local one set up for you to use. Just set your email program to use whatever they tell you. > Thanks, > > fybar > - Bob To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C599D2B.2324D9BF>