Re: [PLUG] VPN design for home use

Rich Freeman on 21 Sep 2012 10:52:00 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] VPN design for home use

From: Rich Freeman <r-plug@thefreemanclan.net>
To: plsnyder@drexel.edu, "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] VPN design for home use
Date: Fri, 21 Sep 2012 13:51:53 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=Ceo4aPnr+IprXaAZbHTIFfPv05wODTqXrIzxJ5h4SGg=; b=yoA5Fw1njJK5q/6rKLNq3Xn9Ww30yJnmLBg6Mp6wZD3Jcj2g0iBUVXUglgVONWpfrp m+7mwBtLBKvd6ihuYJZRg0yL3C8gZM+gT9jx/eqyseZPijny8ADeduwZ33UbvnqxpL+r KRNROncUSs5d65ANUTk3nzoZchJAVy7loAx0FKqKhslM2o8rS/MnjP5uVPK8pMtdRx9u tubxisbRPeg8YE9G6vW5ylHeSXZnd4JWQuOiDnUh621y9dCvtw3HqUp/O+UEq2w2TC0j bSKpDlTNsi8Xcm4hVf0gOL4WihiBmIik/CKpbckZgdvFC/+cOw/yISwU7v/NULiQuTpx uvqw==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: plug-bounces@lists.phillylinux.org

On Fri, Sep 21, 2012 at 1:39 PM, Paul L. Snyder <plsnyder@drexel.edu> wrote:
> Option 1: Use the server as a VPN gateway. Add a second gigbit NIC and
> hang a switch off of it; connect all the other wired devices to the switch.
> Set up the server as an OpenVPN gateway to the VPN tunnel.

I'd probably just do this.  If you're going to tunnel everything
through a VPN going both ways then it really doesn't matter how many
layers of NAT you have to traverse.  The router doesn't have to do
anything special - it just sees you have one PC on your network and it
just keeps one connection open 24x7.

> And, as a final wrinkle...once all this is set up, I'd like to be able to
> connect my laptop back to my home network when I'm on the road.

I'd think that as long as your remote IP is stable on the other end of
the home VPN that you should be able to tunnel a VPN through that VPN.
 If your VPN provider has some cleaner solution by all means use it,
but if you're running a linux server as a router, then it just runs
two VPN daemons.  One creates an interface that the local LAN NATs
into with firewalling.  The other creates an interface bridged onto
your local network, and it sends its data through the first VPN
interface.

I have little practical experience with VPNs, but I'd think something
like this should be pretty do-able.

Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] VPN design for home use
  - From: "Lee H. Marzke" <lee@marzke.net>

References:
- [PLUG] VPN design for home use
  - From: "Paul L. Snyder" <plsnyder@drexel.edu>

Prev by Date: Re: [PLUG] VPN design for home use
Next by Date: [PLUG] Tonight: "Robot Scientist: Inferring Material Properties from Experimental Data"
Previous by thread: Re: [PLUG] VPN design for home use
Next by thread: Re: [PLUG] VPN design for home use
Index(es):
- Date
- Thread