Search this site


Metadata

Articles

Projects

Presentations

vpn + pf

Rather doing a simple vpn+nat-style situation, I decided that my local server (whack.csh.rit.edu) needs to be available to the world. The machine I vpn into (kenya) currently has a nat rule in pf.conf so I can get to the world from whack (which is now in my room on a roadrunner line behind a nat box). I changed the nat rule to a binat rule and added an IP alias to kenya, and now you can ssh to 'whack.csh.rit.edu' from anywhere and get the box here on roadrunner. Furthermore, all my traffic comes "from" whack.csh.rit.edu, so it's as if I were on csh's network. Go go gadget vpn.

This all seems quite neat to me, I didn't expect it to be so easy...