So from SITE1 I wanted to connect to a remote SITE2 and run my browser against SITE3 through the proxy at SITE 2 in order to debug a web application.
In order to do this I need to install an OpenVPN server at SITE2 and an OpenVPN client at SITE1
SITE2 will be first accessed through TeamViewer to create a connection, then we create the VPN tunnel throgh the TeamViewer connection.
Steps:
Install the OpenVPN software ( http://openvpn.net/index.php/download/community-downloads.html ) at SITE2 and SITE1
At SITE2 set up the server, generate certificates for server and client in the easy-rsa folder of OpenVPN
At SITE1 set up the client, copy the certificates from the server
server.ovpn
# the ip of the vpn server machine
local 10.158.226.50
port 1194
proto udp
dev tap
dev tun
ca "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\server.key" # This file should be kept secret
dh "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"
# this will redirect all traffic, even HTTP, over the vpn tunnel
push "redirect-gateway def1"
# this will enable DNS lookup over the VPN tunnel
push "dhcp-option DNS 10.8.0.1"
client.ovpn
remote 10.158.226.50 1194
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.key"
In windows networking select the default ethernet connection "Local Network Connection" Control Panel\All Control Panel Items\Network and Sharing Center and when the dialog appears, check "Allow network users to connect through this computer's internet connection". Select Local Area Connection 2, which should be Your VPN connection interface 10.8.0.1
Start server, connect client, and bada-bing, you're now surfing through a VPN tunnel.
Of course this would be a good way to access Your home computer from work to do all the private surfing hidden from the eyes of your friendly IT-administrator.
No comments:
Post a Comment