mike#.Net Development

http://sshmenu.sourceforge.net/articles/key-setup.html

http://sshmenu.sourceforge.net/articles/transparent-mulithop.html

http://www.damtp.cam.ac.uk/user/jp107/xp-remote/web-tunnel/

http://askubuntu.com/questions/112177/how-do-i-tunnel-and-browse-the-server-webpage-on-my-laptop

https://www.bitvise.com/ssh-web-browsing

A new VPS host to look at

https://www.linode.com/pricing

https://www.linode.com/docs/networking/ssh/setting-up-an-ssh-tunnel-with-your-linode-for-safe-browsing

Important way to confirure Firefox to tunnel all DNS queries

https://www.bitvise.com/ssh-web-browsing

ssh -D 8080 -C -N username@example.com

-N	     Do not execute a remote command.  This is useful for just for-
	     warding ports (protocol version 2 only).

 -C	     Requests compression of all data (including stdin, stdout,
	     stderr, and data for forwarded X11 and TCP connections).  The
	     compression algorithm is the same used by gzip(1), and the
	     "level" can be controlled by the CompressionLevel option for pro-
	     tocol version 1.  Compression is desirable on modem lines and
	     other slow connections, but will only slow down things on fast
	     networks.	The default value can be set on a host-by-host basis
	     in the configuration files; see the Compression option.

SSH to OpenVPN Access Server

Create PAM user

Log in to OpenVPN Access Server web Admin interface.

Add user

Log out of Access Sever Admin interface.

Log in directly to main Access Server web interface (not Admin) as new user – select Login (not Connect)

Download and install Windows Client.

Download Autologin profile. * Make note as this file will be used below.

Verify connectivity from Windows Client.

PuTTY SSH to Debian Client. – Note using PuTTY as clipboard paste will be used below.

Enable IPv4 forwarding

sudo nano /etc/sysctl.conf

Uncomment the line

# net.ipv4.ip_forward=1

Run the following command to make the change effective without a reboot.

sudo sysctl -w net.ipv4.ip_forward=1

Add iptables rules for NAT to work

sudo nano /etc/rc.local

Make sure the following two lines appear before the exit 0 line in the file.

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE

To make these iptables rules active without rebooting, run the following commands:

sudo iptables -P FORWARD ACCEPT
sudo iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE

Install OpenVPN

sudo apt-get install openvpn

Edit Autologin user profile in Wordpad.  Note is is important to use Wordpad as it correctly handles the Unix/Windows character translations.  Select all text and copy to clipboard.

sudo nano /etc/openvpn/client.conf

Paste from clipboard via PuTTY.  Save.

Configure OpenVPN to start on boot

sudo nano /etc/default/openvpn

Add line

AUTOSTART=”client”

Note you do not add .conf extension, but the file itself must have .conf

Start OpenVPN client

cd /etc/openvpn/
sudo openvpn client.conf

Log into Access Server and verify connection

Reboot

Verify auto start

Ping the VPN server

To access VPN server from local subnet, configure a static route on local lan to client vpn gateway

To access other VPN client gateways, configure a static route on the local LAN to the client VPN gateway.  Note, the VPN server will automatically push the required routes to the client for routing to other client gateways.

Create AWS Instance

Inbound Security Group Rules

Custom UDP Rule	UDP	943	0.0.0.0/0
SSH	TCP	22	0.0.0.0/0
Custom UDP Rule	UDP	1194	0.0.0.0/0
HTTPS	TCP	443	0.0.0.0/0
Custom UDP Rule	UDP	443	0.0.0.0/0
Custom TCP Rule	TCP	943	0.0.0.0/0

Use PuTTYGen to convert pem to ppk.  Add passphrase to the key.

Assign IP

Update DNS

SSH to host DNS name to verify proper name resolution.  Login as ubuntu.

sudo apt-get update && sudo apt-get upgrade

The download page for OpenVPN Access Server.

https://openvpn.net/index.php/access-server/download-openvpn-as-sw/113.html?osfamily=Ubuntu

Right click the link and select ‘Copy link address’

From PuTTY download the deb

wget [right click]

Install the deb

sudo dpkg -i openvpn[tab]

Give user openvpn a password

sudo passed openvpn

It appears Ubuntu will open the ports, but I should figure out what is going on.

Open browser to admin page and log in as openvpn

https://%5Burl%5D:943/admin/

Configure server.  Be sure to properly add the server DNS name in Server Network Settings

Open browser to login page

https://%5Burl%5D:943/

Select “Login”

log in as openvpn

Download and install OpenVPN Connect for Window

Connect to VPN and verify server IP via ‘whats my ip’

Before the tools are installed, you must install make and gcc

sudo apt-get install gcc make

VMware tools requires the Linux Kernel headers

sudo apt-get update

sudo apt-get install linux-headers-$(uname -r)

Insert the CD.  Player -> Manage -> Install VMware tools…

Mount the CD

mount /media/cdrom

Extract tool to home

cd ~

tar -zxvf /media/cdrom/VMware[tab]

Execute the installer

cd vmware-tools-distrib

sudo ./vmware-install.pl

Reboot