[WLUG] SSH and HTTP Proxy Options

Chad Crabtree flaxeater at gmail.com
Tue Jun 23 17:06:49 EDT 2015 

Thanks Carl,  I appreciate your time and input.

On Tue, Jun 23, 2015 at 4:55 PM, Carl T. Miller <carl at carltm.com> wrote:

> No, I don't like the idea of using two vpns.  Is
> there any chance they will let you set up openvpn
> in addition to the original vpn?  If so, people
> would need to decide which one to use at any given
> time.
>
> If you need to use the existing vpn, I'd go with
> the ssh solution.  It takes some planning, but
> it's rather easy to use.
>
> c
>
>
>
> Chad Crabtree wrote:
> > Ah, regarding the VPN, we already have to vpn to get to the first
> machine,
> > and there's another VPN to get to the internal machines, but the first
> vpn
> > is instable and causes the second to break, usually pretty quick.  Who'd
> > have thunk that nesting VPN's would suck so bad :P.
> >
> > I hadn't thought to try using another VPN because of that.  Do you think
> > in
> > light of this new information, do you think open vpn would still be a
> good
> > option?
> >
> > On Tue, Jun 23, 2015 at 4:39 PM, Carl T. Miller <carl at carltm.com> wrote:
> >
> >> Two thoughts come to mind immediately.  One is to use
> >> ssh and set up tunnels for the ssh and socks connections.
> >> The other is to install and use OpenVPN.
> >>
> >> If the developers are very savvy, probably the ssh
> >> solution would be easier to implement and maintain.
> >> The openvpn solution would take longer to set up,
> >> but would be easier for the end users.
> >>
> >> c
> >>
> >>
> >> Chad Crabtree wrote:
> >> > So I'm tasked with building a proxy that will route ssh and HTTP(s)
> >> > through
> >> > a public facing server into the safe side of the network to support
> >> > developers.  My first thought was ssh socks proxy to get the job done,
> >> but
> >> > I've been doing some research and it seems that it can be done through
> >> an
> >> > HTTP proxy too, corkscrew is one I've seen so far.
> >> >
> >> > I was hoping I could take advantage of the wiser and more experienced
> >> > among
> >> > us for some alternatives?
> >> >
> >> > - Socks Proxy?
> >> > - Http Proxy?
> >> > - ????
> >> >
> >> > Whats your suggestion, I have a private network with one computer in
> >> the
> >> > DMZ (to restate it 'simply') and I need to allow N users to connect to
> >> > their personal machine on the inside from anywhere.
> >> >
> >> >
> >> > Thanks for your time.
> >> >
> >> > --
> >> > Chad Crabtree
> >> > 734-658-5338
> >> > _______________________________________________
> >> > washlug mailing list
> >> > washlug at washlug.org
> >> > http://linux.marcdatabase.com/mailman/listinfo/washlug
> >> >
> >>
> >>
> >> _______________________________________________
> >> washlug mailing list
> >> washlug at washlug.org
> >> http://linux.marcdatabase.com/mailman/listinfo/washlug
> >>
> >
> >
> >
> > --
> > Chad Crabtree
> > 734-658-5338
> > _______________________________________________
> > washlug mailing list
> > washlug at washlug.org
> > http://linux.marcdatabase.com/mailman/listinfo/washlug
> >
>
>
> _______________________________________________
> washlug mailing list
> washlug at washlug.org
> http://linux.marcdatabase.com/mailman/listinfo/washlug
>



-- 
Chad Crabtree
734-658-5338
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linux.marcdatabase.com/pipermail/washlug/attachments/20150623/0bca49d4/attachment.html

More information about the washlug mailing list