ssh vpn network question, boosts appreciated 

so, I need to reach via ssh a machine which is on a partially closed network, meaning that I can ssh into it using a specific network but not from outside (e.g. home): the machine's ip I can ping from inside is not visible from outside, in that case the public ip is basically a gataway server rotated at each reboot and to which I do not have access...
is there a way to set up openvpn so that i can tunnel in from the outside too? or impossible?

Follow

ssh vpn network question, boosts appreciated 

@sifr
Yes, as long as the inside VPN machine can establish a VPN connection to an outside VPN machine, then this outside VPN machine will permit any other outside VPN machines to get into the inside VPN machine (granted you use their VPN IPs to SSH into, and that the inside VPN machine has SSH listening on the VPN IP). You may also want to look into tinc (specially the dev version which is very stable) for something easier/faster to configure.

ssh vpn network question, boosts appreciated 

@320x200 right, thanks, I think the first step, connection to an outside VPN machine, is what could not be possible here.. but I'll investigate following your prompt

ssh vpn network question, boosts appreciated 

@sifr Ah, that would be a problem then. You need to have the inside machine being able to establish an outgoing connection. As long as this is possible you can use VPNs, or even just reverse SSH tunnels (autossh can help), otherwise it's a bit hopeless... But there could be some limited workaround, your network may just block some known ports, but have a whole bunch of high number ports unrestricted, so you could configure your outside VPN machine to listen on such high number(s) port(s). If the machine is really isolated but can reach another inside machine on a less isolated/restricted subnet, you could use the less restricted machine as an intermediary hop before going out, but then it starts to be quite a project. I guess it depends on what you need...

Sign in to participate in the conversation
post.lurk.org

Welcome to post.lurk.org, an instance for discussions around cultural freedom, experimental, new media art, net and computational culture, and things like that.