NetBSD-Users archive


Re: Simple way to securely access remote machine that's behind a NAT?



On 2018-09-30 06:58, Andy Ruhl wrote:
> On Tue, Sep 25, 2018 at 8:49 AM David Young <dyoung%pobox.com@localhost> wrote:
>> I added UDP encapsulation to gre(4) in NetBSD specifically to pierce NAT
>> firewalls, however, I don't know if Linux also has a UDP encapsulation
>> for GRE.
>
> That's pretty cool. I will try it at some point. That plus a private
> IP address on both sides would solve this pretty cleanly.
>
> This is off topic, but it was alluded to earlier:
>
> I think it's possible for a router to forward an IP protocol inward
> via NAT, such as GRE? Or am I mistaken?

I've done that forever, and have been surprised that no one has even suggested it. I have both incoming UDP and TCP connections defined in my NAT machine, that allow me to communicate from external machines to specific machines on the inside. For example ssh from the outside points to one specific machine on the inside, and I can thus ssh to that machine.

Setting up a VPN and all other complex solutions seems like a big overkill if all the OP wanted was something like ssh access to a machine on the inside. You can even set things up to access different machines. Just use different ports on the external side, and set up a translation to a specific address and port on the inside.

All commercial routers I've used can do this, and I also use NetBSD to do this.

  Johnny

--
Johnny Billquist                  || "I'm on a bus
                                  ||  on a psychedelic trip
email: bqt%softjar.se@localhost             ||  Reading murder books
pdp is alive!                     ||  tryin' to stay hip" - B. Idol
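
The port translation described in the message above, as an added example that is not part of the original post. It assumes NPF as the NAT implementation (the post does not say which one is used); the interface names, the 10.1.1.0/24 inside network, the host addresses and the external ports 9022/9023 are all made up for illustration.

```conf
# /etc/npf.conf sketch (added example, all names and numbers are assumptions).
# Syntax follows npf.conf(5); verify against the man page on your release.
$ext_if = { inet4(wm0) }
$int_if = { inet4(wm1) }
$localnet = { 10.1.1.0/24 }

# External ports that are forwarded inward; nothing else is admitted.
$fwd_tcp = { 9022, 9023 }

# Outbound NAT for the inside network.
map $ext_if dynamic 10.1.1.0/24 -> $ext_if

# One external port per inside machine, each translated to that host's sshd.
map $ext_if dynamic proto tcp 10.1.1.2 port 22 <- $ext_if port 9022
map $ext_if dynamic proto tcp 10.1.1.3 port 22 <- $ext_if port 9023

procedure "log" {
	# Record forwarded connections on the npflog0 pseudo-interface.
	log: npflog0
}

group "external" on $ext_if {
	pass stateful out final all
	# The filter matches the external (pre-translation) port numbers.
	pass stateful in final family inet4 proto tcp to $ext_if port $fwd_tcp apply "log"
}

group "internal" on $int_if {
	pass in final from $localnet
	pass out final all
}

group default {
	pass final on lo0 all
	block all
}
```

With this in place, `ssh -p 9022` to the external address reaches 10.1.1.2 and `ssh -p 9023` reaches 10.1.1.3; `npfctl validate` checks the file before it is loaded.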

