How to tunnel ssh and ftp through OpenVPN. The simple way.

Post by ghostcorps » Wed May 25, 2011 1:07 am

Hi Guys

I have been trying to get my head around the tutorials but I just don't understand what each switch means well enough to adapt to my scenario.

I have just set up a VPN connection to my server and I want to enable SSH & ftp sessions through the VPN so I don't have to expose port 22 & 21 to the outside world.

The ssh session only needs to be available to the OpenVPN server itself, but the ftp session needs to go through to another server on that network.

I am running FreeBSD 8.1.

Thanks for your time :)
Last edited by ghostcorps on Fri May 27, 2011 5:29 am, edited 1 time in total.

Re: New to OpenVPN, how do I tunnel ssh and ftp?

Post by ghostcorps » Wed May 25, 2011 3:16 am

Here are my configs, sorry that was silly of me to not include them:

Client
ghostcorps.ovpn

client
dev tap
proto udp
remote my.server 1194
nobind
persist-key
persist-tun
ca ca.crt
cert ghostcorps.crt
key ghostcorps.key
comp-lzo
verb 3

Server
/usr/local/etc/openvpn/server.conf

port 1194
proto udp
dev tap
ca /usr/local/etc/openvpn/keys/ca.crt
cert /usr/local/etc/openvpn/keys/server.crt
key /usr/local/etc/openvpn/keys/server.key # This file should be kept secret
dh /usr/local/etc/openvpn/keys/dh1024.pem
server 192.168.254.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
max-clients 10
user root
persist-key
persist-tun
status /var/log/openvpn-status.log
log-append  /var/log/openvpn.log
verb 3

Re: New to OpenVPN, how do I tunnel ssh and ftp?

Post by ghostcorps » Fri May 27, 2011 5:12 am

Ok, well for anyone else who thinks the tutorial is a bit confusing, here is the simple answer:

1. Open your sshd config. In FreeBSD you can do this as follows:

# ee /etc/ssh/sshd_config

2. Add a new 'ListenAddress' line with the IP of your OpenVPN server, e.g.:

ListenAddress 192.168.254.1

3. Restart the SSH daemon. For OpenSSH on FreeBSD this goes as follows:

# /etc/rc.d/sshd restart

4. Start the VPN client and SSH to the OpenVPN server's virtual LAN IP, in this case '192.168.254.1'.

5. If this works, you can either
a: Do a little dance
or
b: Comment out the external IP in the SSHD config to block external access to SSHD (BEWARE: if SSH is your only access you may block yourself).

NB: For ftp you will need to do the same in the relevant ftpd config file.

I hope this helps and saves someone else the time.
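
An added example, not part of ghostcorps's post: a small Python check that reads sshd_config text and reports whether any active ListenAddress still falls outside the VPN subnet 192.168.254.0/24 used above, including the case where no ListenAddress is set and sshd listens on every address. The function names, the sample configs and the external address 203.0.113.10 are constructed for illustration.

```python
import ipaddress

# VPN subnet taken from the "server 192.168.254.0 255.255.255.0" line above.
VPN_NET = ipaddress.ip_network("192.168.254.0/24")

# Constructed sample configs; 203.0.113.10 is a stand-in for the external IP.
BEFORE = "Port 22\nListenAddress 203.0.113.10\nListenAddress 192.168.254.1\n"
AFTER = "Port 22\n#ListenAddress 203.0.113.10\nListenAddress 192.168.254.1\n"

def listen_addresses(config_text):
    """Return the host part of every active (uncommented) ListenAddress."""
    hosts = []
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if len(parts) != 2 or parts[0].lower() != "listenaddress":
            continue
        value = parts[1].strip()
        if value.startswith("["):        # [IPv6] or [IPv6]:port
            host = value[1:value.index("]")]
        elif value.count(":") == 1:      # IPv4:port or hostname:port
            host = value.split(":")[0]
        else:                            # bare IPv4, bare IPv6 or hostname
            host = value
        hosts.append(host)
    return hosts

def audit(config_text, vpn_net=VPN_NET):
    """Return ('vpn-only', []) or ('exposed', [addresses outside the VPN])."""
    hosts = listen_addresses(config_text)
    if not hosts:
        # With no ListenAddress at all, sshd listens on every local address.
        return ("exposed", ["<default: all addresses>"])
    outside = []
    for host in hosts:
        try:
            if ipaddress.ip_address(host) not in vpn_net:
                outside.append(host)
        except ValueError:
            outside.append(host)         # hostname: cannot be checked statically
    return ("exposed", outside) if outside else ("vpn-only", [])

if __name__ == "__main__":
    for name, text in (("before step 5b", BEFORE), ("after step 5b", AFTER)):
        print(name, audit(text))
```

The same function can be fed the output of `sshd -T`, which prints the effective configuration rather than the file contents.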