Problem: With NATed LANs, it is not trivial to log in from the internet to the computers on the LAN.
Solution: Let the DMZ box be the central node in a minimal VPN. When your computers (regardless of whether they are on the LAN or out on the internet) get an IP, they automatically connect to the DMZ box and reserve a special port on which they can be reached by other computers.
Since this is ssh, you are not restricted to login; you can just as well mount filesystems with sshfs or sync files with rsync, etc.
Sometimes, when network traffic is costly or unreliable, you will want to stop a certain client from auto-connecting to the DMZ box. Then, on the client, do this:
chmod 644 /etc/network/if-*.d/my-vpn
To activate again:
chmod 755 /etc/network/if-*.d/my-vpn
/etc/my-vpn
/etc/init.d/my-vpn
/etc/network/if-up.d/my-vpn
/etc/network/if-down.d/my-vpn
Only the first file needs to be different on each client; files 2-4 are the same on all clients.
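
The mechanism described above, as an added shell sketch that is not the page's own my-vpn scripts: it shows why the chmod toggle works and what a per-client port reservation could look like. The host, user and port values are hypothetical, and the use of an ssh reverse forward (-R) to reserve the port is an assumption.

```shell
#!/bin/sh
# Added sketch, NOT the original /etc/network/if-up.d/my-vpn.
# Every value below is a hypothetical placeholder.
DMZ_HOST="dmz.example.org"   # hypothetical DMZ box
DMZ_USER="tunnel"            # hypothetical unprivileged account on the DMZ box
REMOTE_PORT="2201"           # hypothetical port reserved for this client

# The if-up.d/if-down.d hooks are run via run-parts, which skips files
# that are not executable. That is why chmod 644 disables the hook and
# chmod 755 enables it again.
hook_enabled() {             # $1 = path to the hook file
    [ -x "$1" ]
}

# Hooks fire for every interface, including loopback; only a real
# interface coming up should trigger a connection to the DMZ box.
should_connect() {           # $1 = interface name (ifupdown sets $IFACE)
    [ "$1" != "lo" ]
}

# Compose the reverse-tunnel command (assumption: ssh -R is the mechanism).
#   -N                      no remote command, forwarding only
#   BatchMode=yes           key auth only, never block on a password prompt
#   ExitOnForwardFailure    fail instead of running without the reserved
#                           port (e.g. when another client already holds it)
#   ServerAlive*            notice a dead link and exit
# With sshd's default "GatewayPorts no", the reserved port listens only on
# the DMZ box's loopback, so it is reachable only after logging in to the
# DMZ box, not directly from the internet.
tunnel_cmd() {
    printf '%s' "ssh -N -o BatchMode=yes -o ExitOnForwardFailure=yes" \
        " -o ServerAliveInterval=30 -o ServerAliveCountMax=3" \
        " -R ${REMOTE_PORT}:localhost:22 ${DMZ_USER}@${DMZ_HOST}"
}

# Dry run: print what a hook would do instead of opening a connection.
if should_connect "${IFACE:-eth0}"; then
    echo "would run: $(tunnel_cmd)"
fi
```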