1

I'm curious if someone knows an answer to my quite special question.

I want to realize the following setup:

I have 1 static IP with (restricted) internet access via Ethernet. I want to get a router connected to this port which should be able to grant dhcp adresses and internet to at least 3 pcs. now comes the tricky part: because of port restrictions, NAT is not an option.

On the other hand I have a root server on which a HTTPS proxy (squid) is running and where i could setup a VPN server or SSH tunnel. Is there a possibility (cheap one would be best as always^^) to let the router connect to my root server and forward the unrestricted internet to the 3 client PCs?

I read a bit in DD-WRTs documentation but couldn't come up with an answer to this specific question. also, I found this product http://www.dlink.com/products/?pid=564, but I couldn't find an answer in its technical description either.

EEAA
  • 109,363
  • 18
  • 175
  • 245
Martin Müller
  • 139
  • 1
  • 8

2 Answers2

1

Sounds like you should set up a pfSense box (or something like that) that will serve as a LAN-to-LAN VPN router, tunneling traffic back through your hosted server.

While SSH tunneling may work, it is very limited in what it can support. The same goes for a proxy server. With a full-fledged VPN (I'd recommend OpenVPN), you won't have any compatibility issues with certain applications like you would with the other options.

EEAA
  • 109,363
  • 18
  • 175
  • 245
  • First of all, thanks for your answer. I looked at the pfSense homepage and the requirements are quite high, so I suppose I could not use this on an embedded device like a router. I also found tun2socks which basically does what I expect (reading the description). Do you think this would cause compatibility issues? – Martin Müller May 08 '12 at 09:27
0

Yes, you can setup a VPN server (such as OpenVPN) on the external server and a VPN client on router (DD-WRT seems to support OpenVPN). Then configure the router to route all traffic over the VPN. You will need to NAT the client machines either on the VPN server or the router.

mgorven
  • 30,615
  • 7
  • 79
  • 122