From owner-freebsd-net@FreeBSD.ORG Mon Feb 2 22:29:30 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A38C16A4CE for ; Mon, 2 Feb 2004 22:29:30 -0800 (PST) Received: from apollo.laserfence.net (apollo.laserfence.net [196.44.69.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id B122D43D2F for ; Mon, 2 Feb 2004 22:29:26 -0800 (PST) (envelope-from will@unfoldings.net) Received: from [127.0.0.1] (helo=localhost) by apollo.laserfence.net with esmtp (Exim 4.24; FreeBSD) id 1Anu3g-000Pdp-Fq; Tue, 03 Feb 2004 08:29:16 +0200 Received: from apollo.laserfence.net ([127.0.0.1]) by localhost (apollo.laserfence.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 97416-04; Tue, 3 Feb 2004 08:28:53 +0200 (SAST) Received: from [192.168.255.1] (helo=prometheus.home.laserfence.net) by apollo.laserfence.net with esmtp (Exim 4.24; FreeBSD) id 1Anu3H-000PdU-Iv; Tue, 03 Feb 2004 08:28:52 +0200 Received: from arista.home.laserfence.net ([192.168.0.10] helo=arista) by prometheus.home.laserfence.net with smtp (Exim 4.10) id 1Anu38-0009uS-00; Tue, 03 Feb 2004 08:28:42 +0200 Message-ID: <004a01c3ea1f$1a34cea0$0a00a8c0@arista> From: "Willie Viljoen" To: "Tuc at the Beach House" , References: <200402030225.i132Pfax071987@vjofn.tucs-beachin-obx-house.com> Date: Tue, 3 Feb 2004 08:29:39 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Virus-Scanned: by amavisd-new at laserfence.net cc: tuc@ttsg.com Subject: Re: Whats the best solution? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Feb 2004 06:29:30 -0000 SSH :-) Have a look at the ssh(1) manpage. The port forwarding should be able to do what you are looking for. Also, to get the authentication to be automatic, set up your SSH to use public keys, and use a passphraseless public key on your laptop. This will let it automatically log in and set up the tunnel. You can then tunnel any TCP traffic through a secure channel to your server. This is all described in the man page. For DNS, use the IP address of the server you plan to use for the other end of the tunnel. As long as you open only UDP port 53 and configure it sensibly, there should be no security risk to running a DNS that accepts from any IP, all proper DNS servers need to do this anyway. This way, you can run your own DNS, and possibly even put in some private DNS tricks to make working with the tunnel easier. Will ----- Original Message ----- From: "Tuc at the Beach House" To: Cc: Sent: Tuesday, February 03, 2004 4:25 AM Subject: Whats the best solution? > Hi, > > HELP! Whew, ok, felt good to get that out. > > Heres my problem, I'd like to know what people feel would be the > best solution. > > I travel alot. When I do I bring a Wireless AP, and an Asante > Firewall. Normally I plug the Asante into the ethernet connection at > the hotel, and the WAP into the Asante. > > Some places I run into problem with their web proxy. Almost > all places I have a hell of a time with DNS. When I have DNS issues, the > machine just does not like it. > > I want to be able to set something up where I can tunnel to a > dedicated private server I have on the global internet, and route all > my traffic through it. I want it to be the default route, and once they > hit my end server, they then can be forwarded over the rest of the global > internet. > > I need to be able to have the client be on dynamic IPs. I need some > sort of an authentication. And most of all, something easy to debug would > help. > > Any ideas, thoughts, suggestions, etc? > > Thanks, Tuc/TTSG Internet Services, Inc. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >