[kwlug-disc] Is there a way that I can https Proxy into my lan's http pages?
John Van Ostrand
john at netdirect.ca
Tue Sep 13 17:16:33 EDT 2011
----- Original Message -----
> I want to be able to access my home lan from abroad without any
> special tools and have more than one web gui that I would like to
> access but I want to make sure that I'm not relying on their security
> only their usefulness.
It's the "without special tools" that is the challenge here.
Typically when one wants remote access to more than one service on a network the solution is to use a universal solution instead of one that just works for the few cases. Almost certainly people find other things they want to connect to and eventually they end up with a VPN.
So here are what might be the best options to date.
SSH tunneling. This requires an SSH client but fortunately they are installed by default on Linux. Putty is the SSH tool for Windows. This is one of the limited options, but it can be useful. The idea is that you only expose SSH to the Internet. SSH allows TCP tunnels so you can access any service on your network that uses TCP (like web servers.) Putty and Linux's SSH have the same command line. So if you do this:
ssh -L 8080:hostname:80 myserver.dyndns.org -l username
After logging into "username" to your ssh server, you can point your browser to http://localhost:8080 and it will tunnel you through to the web server on "hostname".
You can also do multiple by adding additional -L arguments:
ssh -L 8080:hostname:80 -L 8081:otherhost:80 myserver.dyndns.org -l username
The above command connects to hostname and otherhost. Note that I had to use 8081 as the local port so it would not conflict with the first tunnel. Again open a browser ant point it to http://localhost:8080 or http://localhost:8081 and you'll get your home servers.
This has some security issues that can be mitigated so if you chose this make sure you ask about securing it.
The full-strength option is a VPN. There are several choices here including ones that work well with Windows (like PPTP) and ones that require add-on software (openVPN) but work with anything.
--
John Van Ostrand
CTO, co-CEO
Net Direct Inc.
564 Weber St. N. Unit 12, Waterloo, ON N2L 5C6
Ph: 866-883-1172 x5102
Fx: 519-883-8533
Linux Solutions / IBM Hardware
More information about the kwlug-disc
mailing list