Web lists-archives.com

Re: Accessing SSH server over VPN




Piotr Martyniuk wrote: 
> I have hardware router which allows to configure VPN. I managed to set
> it up on my laptop (debian Stretch) in the NetworkManager applet. So
> now I can connect from office to outside word using my home router as
> a proxy (when I check my IP it shows the IP of my router).
> 
> I can also connect to one linux desktop machine (debian Jessie),
> however not by VPN, but this is not an issue.
> 
> The issue is that when I connect to my desktop I would like to ssh
> back to my laptop using VPN channel, so I could open the result in the
> local X server. The problem is that I cannot even ssh to my laptop
> when I try to use laptop VPN IP.
> 
> What would I have to check/try in order to resolve the issue?

Let's do a little diagram:

[ laptop 10.0.0.2 ] ------- [ 10.0.0.1     ]
                            [ House Router ]
                            [ firewall     ]
                            [ 192.168.0.20 ] => VPN
                            [ 235.12.17.22 ] => general Internet

and at the office:

[ desktop 192.168.1.7 ] --- [ 192.168.1.1   ]
                            [ Office Router ]
                            [ firewall      ]
                            [ 192.168.0.1   ] => VPN
                            [ 172.12.23.4   ] => general Internet

I made up the IP addresses, but other than that, does this look
about right?

If so, you're trying to ssh from 192.168.1.7 to 10.0.0.2. Here's
what needs to happen:

- from your desktop, you need to ssh to 192.168.0.20, the
  address that your house router has on the VPN. Ping it.

- what could get in the way? the firewall at the office needs to
  allow access to the VPN IP, and specifically for the port that
  you are using (default 22)

- the house router needs to accept the SSH connection on the VPN
  IP and NAT it over to 10.0.0.2, the laptop.

- the laptop needs to be running sshd, of course.

-dsr-