# Private Tunnel/VPN through SSH Portforwarding or open port



## sebastianbrandner (Aug 22, 2012)

Hi!

At first, I want to say, I've already tried to solve it by myself with OpenVPN, but didn't get it. My FreeBSD 9 box should be my private tunnel for all connections.

If I'm on a public wlan or in the corporate network, I want to tunnel all traffic through my FreeBSD box, so that I'm able to connect to everything. I'm able to connect through ftp, ssh, http and https from my company to the outside world. No SMTP(s) to mailserver or something else is available.


So I need following:

 Client for my MacBook (openVPN client or built in standard vpn connection)
 tunnel connection port through ssh (eg -L1723:localhost:1723)
 FreeBSD box: which tools should I use? openvpn, ppptp, ipsec ... doesn't matter, should just be straight forward and easy :-D


regards,
sebastian


----------



## SirDice (Aug 22, 2012)

The simplest solution is to use ssh(1). Just make sure your FreeBSD server is online and has port 22 open. Then, on your MacBook/Linux/FreeBSD workstation:
[cmd=]ssh -D8080 myfreebsd.host.at.home[/cmd]

On Windows you can use PuTTY, it can also create a _dynamic_ port forward.

Configure your browser to use http://localhost:8080 as a SOCKS-5 proxy.


----------



## sebastianbrandner (Aug 22, 2012)

hi!

I have already found this socks proxy solution but I've not the option to use a proxy with every tool, so I need to build a VPN.

I thought about something like this:

fbsd FreeBSD box offers PPTP
With ssh(1) I'll forward 1723 for PPTP
Connect with built in VPN client to localhost

Don't know if this is possible, just brainstorming


----------



## kpa (Aug 22, 2012)

That's way too complicated. I would set up an OpenVPN server on the FreeBSD machine that listens on the TCP port normally used by HTTPS, 443. That way the corporate firewall will let you trough. PPTP is probably out of the question because it needs an auxillary GRE protocol connection on top of the TCP connection to port 1723.


----------



## sebastianbrandner (Aug 23, 2012)

Ok, I've installed openVPN with the default port. I couldn't find this webinterface (http://openvpn.net/index.php/access...o-configure-openvpn-as-with-admin-web-ui.html). There should be, according to the how to, a ovpn-init bin.
Is this executable available with the FreeBSD port security/openvpn?

Maybe I've done something wrong


----------



## SirDice (Aug 23, 2012)

It's probably /usr/local/share/doc/openvpn/sample-scripts/openvpn.init.


----------



## sebastianbrandner (Aug 23, 2012)

That's the default rc.d start script. I've also looked at this file :\


----------



## kpa (Aug 23, 2012)

OpenVPN-AS is the commercial solution as far as I know. The open source version does not have the web management ui.


----------

