[colug-432] vpn tunnel or http+tcp forward proxy setup?

Rick Troth rmt at casita.net
Mon Apr 29 08:14:03 EDT 2013


I don't recognize StrongVPN, but a partner of some sort here in the
States would be needed.

Reading your note, I can think of three options.  First is OpenVPN,
since the router has dd-wrt and you are offering your Googoo fiber as
the US POP.  So for this option you'd run OpenVPN as a service on some
box at your place, and their router would VPN to it.

A second option is PPP over SSH.  Their router would run PPP using SSH
as its channel.  The SSH connection from their router to your place
would run the PPP partner.  I used SSH over PPP for years as my
home-grown VPN.  Worked *great* for single machines.  No idea if it
will scale up to this task.  If it were my family, this is the option
I'd try first.

A third option is Tor, which is known to be slow, is overkill for this
problem, and doesn't make sense in a friendly regime like S Korea.
But it's an option.  (Again, in the router.)

All of these are router solutions so that there is less mucking around
with the other equipment.  No idea (from where I sit) how smart their
devices are.  You mention Netflix, and I think of a DVD player with
Netflix embedded.  Waaayy easier to fix that at the router.

-- R; <><




On Sun, Apr 28, 2013 at 10:53 PM, Rick Hornsby
<richardjhornsby at gmail.com> wrote:
> I have kind of a unique circumstance -- my sister and her military husband
> recently moved to South Korea for a 2 year assignment.
>
> The problem is that sites like Amazon and Netflix are refusing to serve them
> properly (or at all in the case of Netflix) because they have an non-US ip
> address.  They have a StrongVPN account, but have been having a hard time
> getting it to work on the Linksys router I gave them with ddwrt and
> strongVPN configured.  Oddly, the setup worked here in the states.  They
> said that they tried getting the router VPN working and just never could,
> but got a single computer configured to log into the VPN.
>
> They're ready to give up, but I had two more ideas.  The first is to
> purchase one of the pre-built strongvpn routers, along with the support that
> comes with it.  I've given them every suggestion I could think of to try, so
> I'm pretty much out of options to help them directly without going over
> there and messing with it.  This option is kind of expensive.
>
> The other is what if I set up a forward(?) proxy here in the states on my
> Google Fiber connection?  It would mean configuring each client device
> individually (ie slingplayer, browsers, etc) which would be a pain, but it
> might work?  One of the downsides here is that if my IP changes, all of
> their devices have to be reconfigured.
>
> I understand how to set up haproxy as a reverse proxy for load balancing,
> but I really don't know much about squid for forward proxying.  Is squid
> capable of forwarding arbitrary tcp traffic, or does it have to be http?  Is
> there something better than squid?  Has anyone set anything like this up, or
> happen to have an example config or a blog post about how they configured
> it?
>
> I know how to use ssh to act as a SOCKS5 proxy, but that won't work here.  A
> couple of the devices that they need to connect are iOS, Windows, and things
> like an AppleTV (Netflix app) -- so obviously a router-level solution would
> be best.
>
> Is there another provider besides StrongVPN who would provide good technical
> support for a situation like this?
>
> thanks guys
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>



-- 
-- R;   <><


More information about the colug-432 mailing list