Here's my project: Use Stunnel in front of OpenVPN to proxy traffic on my Mac to an external server's IP.
Here's my issue: Brew installs the packages just fine but when running they are unable to find a route to any public IP. My Stunnel server uses OpenVPN behind it for more security and OpenVPN sends its traffic via a port on localhost where Stunnel listens and DOES receive. The issue is when Stunnel tries to connect to the external server. Eliminating Stunnel fixes this as OpenVPN is able to connect directly to the external IP. I have this exact same Stunnel/OpenVPN setup on my Windows machine and it works just fine. I just bought this Mac and am not familiar with Brew but any help would be appreciated!
So I'm setting up a VM on VirtualBox with CentOS. I was able to configure everything fine and with a bridge connection, I have access to the internet and the VM has an IP within the network. From the host I can ssh into the VM without a problem. Now here's the issue, for some reason if I load up the GUI from the browser I can access https sites but not http sites.
I noticed this after I tried to install some applications but all mirrors were timing out. Anyone have any clue what this could be?
What I'm trying to achieve is:
Connect to a VPN as client and route all my internal network's traffic over the VPN.
Run a VPN server, so that people from outside can connect to my internal network and get routed over the a.m. VPN client.
I'm trying to achieve that with a router running dd-wrt (netgear D6200), and / or a raspberry pi.
Can someone tell me if this can be achieved, and if so, direct me to what would be a possible solution?
(I'm not looking for a tutorial, just a direction)
Thanks!
This thread probably does not belong here.
Consider using OpenWRT instead of dd-wrt. OpenWRT gives you a usable build system and is easier to customize and build. I am not advocating OpenWRT. This can be a stop gap measure.
You can set up an OpenVPN server and OpenVPN client using the standard documentation available on the OpenWRT Wiki and also the OpenVPN site.
Add to OpenVPN server.conf the following directive redirect-gateway def1. This will push the default gateway to clients connecting to OpenVPN server. Further, make sure you are using a unique network IP pool for VPN clients that does not clash with the remote VPN server.
Make sure you are masquerading the VPN traffic (Clients of local VPN server) before forwarding to remote VPN server. This can be tricky as this interface does not exist at boot time. It needs to be configured using up and down scripts.
Make sure you are allowing traffic (clients of local VPN Server) on VPN interface to be forwarded in your firewall rules
Before setting up the OpenVPN server, make sure:
The remote VPN server is pushing the default gateway to your VPN client
You have setup the firewall correctly
You are able to reach the cloud through the Remote VPN Server. Checking with some site like www.whatismyip.com will help
Yes this is possible with dd-wrt on Netgear.
There is no need of Raspberry (unless you meant to run the remote VPN server on it).
Configure and run VPN server on dd-wrt - and try connectivity by connecting clients. Both tun/tap should work in general (with VPN client running). I tested with tun.
Configure and run VPN client on dd-wrt and try connecting to your VPN server. By default, the router should start directing all traffic (for its own LAN clients) via the VPN server.
So far so good.
The problem comes when you want dd-wrt's VPN clients (and not just LAN clients) to take the same route. With a VPN client running on dd-wrt, dd-wrt's own VPN clients will not be able to connect to the VPN server running on dd-wrt as such. To make it work, see below.
This is only possible via PBR - i.e. you run VPN client on dd-wrt, but take the router itself off this client, and route only specific clients through this VPN client running on dd-wrt.
With some tweaks using subnet masks, it is possible to include all your LAN and VPN IPs in the PBR policy so that everything (except the router itself) routes through the remote VPN server.
The key is to include dd-wrt's VPN clients' virtual IPs in the PBR. While configuring VPN server on dd-wrt, there is a field for specifying the clients' network and netmask.
If you use this network IP and netmask in client process's PBR policy, your (dd-wrt's) VPN clients will be able to connect to the VPN server running on dd-wrt, and will in turn be routed through the remote VPN server to which dd-wrt is connected as a client.
I'm learning how to use Meteor by following the tutorial. I'm aware that Meteor automatically hosts the app to both localhost and my IPv4 address (in this instance, 192.168.1.100). When I visit 192.168.1.100:3000 on the computer it's hosted from, the app works fine, however it won't load on any other devices that access 192.168.1.100:3000 from the local network.
I've read the following answers:
Accessing meteor server on LAN
Accessing Meteor local web server from another local device on Mac 10.8
Meteor - accessing the app using public ip
How to run meteor server on a different ip address?
Start Meteor server and let other computers access it
And none of them worked for me. It may be because I'm running Windows. If that's the case, can anyone help on how to host the app on the local network?
There's a number of reasons why you may not be able to
try opening the port
netsh advfirewall firewall add rule name="Meteor 3000" dir=in action=allow protocol=TCP localport=3000
if connecting via wifi, then routers often disallow connections to other devices on the network, check router settings
I have got chef-server installed on a CentOS machine.
Everything is working as expected except that I cannot access the chef-server web interface from another machine on my local network.
I can access the web interface from the CentOS machine itself:
telnet mychefserver.local 4000
Connected
If I do the same from my machine I have got:
telnet: Unable to connect to remote host: No route to host
I can successfully ping mychefserver.local from my machine
Any idea how to configure nginx with chef-server to access the chef-server from the network?
Since Chef Server 10, the web interface uses normal HTTPS (TCP 443), it only listens on the high ports locally, and nginx proxies as needed to the different backend services. I would try with a normal web browser as telnet isn't exactly great at error messages. Normally I would expect that to mean telnet is getting TCP transmission errors, but maybe it is just confused? If it is really a TCP transmit error then more likely the internal DNS is having issues. .local often means mDNS which has uneven support in some places, I would try an actual IP address to be sure.
My issue was iptables.
I stopped iptables and I can access the chef-server from my local network again.
My web server is running on localhost (127.0.0.1:8800) and I would like to send HTTP posts from another machine to that server.
Does anyone know how I will be able to access the server from the outside? (I did an SSL port forwarding from the external address to localhost, but it is a kind of hack and some aspects do not work properly, e.g. web socket does not detect traffic that's been forwarded)
127.0.0.1 is the loopback address of your network card. Only your computer can access that. 127.0.0.1 on any other computer will be that other computer.
You will have to run your server on your internal ip-address (if you're doing this in an internal network). It will probably look something like 192.168.0.x. If you're instead connecting to the computer using the internet you will of course have to bind the server to the external ip-address.
You can find your internal ip-address on Windows by opening cmd.exe and typing ipconfig. On OSX or Linux/BSD you run ifconfig in a terminal.
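An added example, not part of the original answer: a small audit that reads `ss -ltn` style output and reports which listeners are bound to loopback only, to every interface, or to one specific address. The sample output is constructed for illustration (ports taken from the questions above), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `ss -ltn` style output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     127.0.0.1:8800      0.0.0.0:*
LISTEN  0       128     0.0.0.0:443         0.0.0.0:*
LISTEN  0       128     192.168.1.100:3000  0.0.0.0:*
LISTEN  0       128     [::1]:4000          [::]:*
LISTEN  0       128     [::]:22             [::]:*
LISTEN  0       128     *:8080              *:*
"""


def split_host_port(local):
    """Split 'host:port', handling bracketed IPv6 such as '[::1]:4000'."""
    host, _, port = local.rpartition(":")
    return host.strip("[]"), int(port)


def classify(host):
    """Return 'loopback', 'all-interfaces' or 'specific-interface'."""
    if host == "*":
        return "all-interfaces"
    addr = ipaddress.ip_address(host.split("%")[0])  # drop any %zone suffix
    if addr.is_loopback:
        return "loopback"
    if addr.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    return "specific-interface"


def audit_listeners(ss_output):
    """Map each listening port to (bind address, exposure class)."""
    results = {}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skip the header and anything that is not a listener
        host, port = split_host_port(fields[3])
        results[port] = (host, classify(host))
    return results


if __name__ == "__main__":
    for port, (host, exposure) in sorted(audit_listeners(SAMPLE_SS_OUTPUT).items()):
        print(f"{port:>5}  {host:<15}  {exposure}")
```

A listener reported as loopback cannot be reached from another machine whatever the firewall allows. One bound to all interfaces that is still unreachable points at a host firewall rule instead.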