Difference between revisions of "Network/VPN"
From Makers Local 256
< Network
(We now are using a real SSL certificate for VPN.) |
(added instructions for using Poor Man's VPN) |
||
| Line 11: | Line 11: | ||
== Connecting == | == Connecting == | ||
# Start the AnyConnect or OpenConnect client, and supply the address 256.makerslocal.org:876 | # Start the AnyConnect or OpenConnect client, and supply the address 256.makerslocal.org:876 | ||
| − | #* On most platforms, you can do | + | #* On most platforms, you can do <code>openconnect 256.makerslocal.org:876</code> |
# Enter your VPN username and continue. | # Enter your VPN username and continue. | ||
# Enter your VPN password and continue. | # Enter your VPN password and continue. | ||
| Line 17: | Line 17: | ||
Now your connection will be brought online and you can access Maker-exclusive network resources. (Your connection may be announced in IRC.) | Now your connection will be brought online and you can access Maker-exclusive network resources. (Your connection may be announced in IRC.) | ||
| + | |||
| + | == Poor Man's VPN == | ||
| + | If you have a VPN account, but you can't run OpenConnect or AnyConnect at the moment, you can use ssh to log into the newvpn box: | ||
| + | |||
| + | <code>ssh -p 22876 hfuller@256.makerslocal.org</code> | ||
| + | |||
| + | From there, you could ssh to other resources at the shop, or do whatever else you can do from the command line. | ||
| + | |||
| + | You can also use ssh's -L option to forward ports on your local machine to ports on the Makers network, if that's your thing: | ||
| + | |||
| + | <code>ssh -p 22876 -L 2222:cascade:22 tylercrumpton@256.makerslocal.org</code> | ||
| + | |||
| + | If I were Tyler, this example would expose port 22 on [[CasCADE]] as port 2222 on my local computer. See <code>man ssh</code> for more help with this. | ||
Revision as of 18:06, 8 April 2015
Contents
[hide]Info
- We use the ocserv VPN server.
- This server implements the Cisco AnyConnect protocol. You can use either the OpenConnect open source client or Cisco's AnyConnect client to connect. Both AnyConnect and OpenConnect are available on many platforms, including GNU/Linux, Windows, Mac OS X, and Android. On Windows, you might want to try this OpenConnect GUI, but I don't know much about it.
- All members have the option to use the VPN. Since we have not enabled LDAP authentication just yet, you will need to set a VPN password first.
Acquiring access
- Request VPN account from EnabrinTain or hfuller.
- This will need to be done in person, or in a way that the admin can be certain of your identity.
- Set your VPN password.
Connecting
- Start the AnyConnect or OpenConnect client, and supply the address 256.makerslocal.org:876
- On most platforms, you can do
openconnect 256.makerslocal.org:876
- On most platforms, you can do
- Enter your VPN username and continue.
- Enter your VPN password and continue.
- Accept the terms of use for the VPN.
Now your connection will be brought online and you can access Maker-exclusive network resources. (Your connection may be announced in IRC.)
Poor Man's VPN
If you have a VPN account, but you can't run OpenConnect or AnyConnect at the moment, you can use ssh to log into the newvpn box:
ssh -p 22876 hfuller@256.makerslocal.org
From there, you could ssh to other resources at the shop, or do whatever else you can do from the command line.
You can also use ssh's -L option to forward ports on your local machine to ports on the Makers network, if that's your thing:
ssh -p 22876 -L 2222:cascade:22 tylercrumpton@256.makerslocal.org
If I were Tyler, this example would expose port 22 on CasCADE as port 2222 on my local computer. See man ssh for more help with this.
