#1 2015-07-28 21:49:00

Simonindia
Moderator and your buddy
From: India
Registered: 2015-06-05
Posts: 599

Vpn from (Client) SiteA-->SiteB-->SiteC (gateway) Using LES

Hi Guys,
            My scenario is i live in INDIA my ISP connectivity from Home to Germany box is great but to US or for that matter any other location is bad

But from germany to USA is great. So i have 5 or more LES boxes i want to connect via Vpn from SiteA(home)-->SiteB(germany)-->SiteC(USA)

my traffic will flow through from home to germany to USA

I have tried to do this i failed several times so i never retried till now can any one help me with this OR make  a howto guide that would be help full for me And LES community who have the same problem

Thanks in Advance smile

Last edited by Simonindia (2015-07-28 21:50:02)


Just trying my best to help. ♥ |
----------------------------------------------------------------------------------
“Remember to always be yourself. Unless you suck.” -Joss Whedon“Do what you can, with what you have, where you are.”-Theodore Roosevelt

Offline

#2 2015-07-28 23:06:04

shot²
Member
From: France, Yourope
Registered: 2015-07-20
Posts: 7

Re: Vpn from (Client) SiteA-->SiteB-->SiteC (gateway) Using LES

It's (likely) possible using NAT rules on each server; I intend to experiment with this in the coming weeks smile (only with a more complex scheme involving 5 servers interconnected in a mesh - including a NanoVZ).

The basic idea is to perform SNAT/DNAT on each server in the chain so as to forward (in and out, SNAT+DNAT) traffic originating from the first server in the chain (= the "entry gate" one you connect to from home).

Definitely not trivial to create, though - prone to errors, it has to be carefully planned then configured by hand. Success depends on your skills with networks (routing etc.) and on the abilities/connectivity of each server... The whole thing might even prove worse than expected due to latency, downtimes, weird routes between servers etc.

Offline

#3 2015-07-28 23:20:04

Simonindia
Moderator and your buddy
From: India
Registered: 2015-06-05
Posts: 599

Re: Vpn from (Client) SiteA-->SiteB-->SiteC (gateway) Using LES

shot² wrote:

It's (likely) possible using NAT rules on each server; I intend to experiment with this in the coming weeks smile (only with a more complex scheme involving 5 servers interconnected in a mesh - including a NanoVZ).

The basic idea is to perform SNAT/DNAT on each server in the chain so as to forward (in and out, SNAT+DNAT) traffic originating from the first server in the chain (= the "entry gate" one you connect to from home).

Definitely not trivial to create, though - prone to errors, it has to be carefully planned then configured by hand. Success depends on your skills with networks (routing etc.) and on the abilities/connectivity of each server... The whole thing might even prove worse than expected due to latency, downtimes, weird routes between servers etc.

I share the same concerns as you its complex and it would be prove to produce worse results that expected but if it works that would make me immune from from bad Internet routing problems i can route my traffic through tested best route

In asia there is many Under sea cable failure problem so it helps me to route traffic through my desired route

Any way it would be nice if you can write how to do that if u succeed

i have been trying to setup this and post the tutorial Using Tinc

Last edited by Simonindia (2015-07-28 23:23:14)


Just trying my best to help. ♥ |
----------------------------------------------------------------------------------
“Remember to always be yourself. Unless you suck.” -Joss Whedon“Do what you can, with what you have, where you are.”-Theodore Roosevelt

Offline

#4 2015-07-29 09:22:37

laurens
Trusted Member
Registered: 2013-08-05
Posts: 37

Re: Vpn from (Client) SiteA-->SiteB-->SiteC (gateway) Using LES

I recently made something extremely similair, and hope to write it up soon; what I have:

ps4 (ip: 192.168.1.50) -> (192.168.1.105 on ETH0) raspberry pi which has a TINC vpn on 192.168.3.1 and does natting to to:) -> (tinc vpn on 192.168.3.2) uk les node.

I use a rule to set which source IP should go to which target GW on the raspberry pi, so give me a bit of time and I'll write up my tutorial smile

So I go through a Rasberry Pi and 1 les box, vs going through 2 LES boxes, but I think that's a minor detail.

(I'm very happy with the setup, I even made a tiny app for android so I can easily switch which gw my ps4 goes through, as I said, hope to write it up & publish the scripts soon)

Last edited by laurens (2015-07-29 09:23:25)

Offline

#5 2015-07-29 13:09:00

Simonindia
Moderator and your buddy
From: India
Registered: 2015-06-05
Posts: 599

Re: Vpn from (Client) SiteA-->SiteB-->SiteC (gateway) Using LES

That would do be great

And you use the UK LES as Internet Gateway for all your traffic

If we figure out to take the traffic the way through we want then i can that would make all the difference

Thanks in advance


Just trying my best to help. ♥ |
----------------------------------------------------------------------------------
“Remember to always be yourself. Unless you suck.” -Joss Whedon“Do what you can, with what you have, where you are.”-Theodore Roosevelt

Offline

#6 2015-07-29 20:46:26

laurens
Trusted Member
Registered: 2013-08-05
Posts: 37

Re: Vpn from (Client) SiteA-->SiteB-->SiteC (gateway) Using LES

I currently DON'T use the uk les for ALL the traffic, but if I set my ps4 (or other machine) to go through the UK then yes, it is indeed for all the trafic. But yes, I can tweak it so it does do all the traffic too (aka for other machines too, as long as I've set them up to use the raspberry pi as their router).

I hope to find some time soon to type this up!

Offline

Board footer

Powered by FluxBB