[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: crest.d.o and m68k.d.o

On Mon, Nov 12, 2007 at 01:28:21AM +0100, Michael Schmitz wrote:
> Routing/VPN off Duesseldorf would give you a quasi static address (we
> would need to put a similar mechanism in place to update the route entry,
> whereas for VPN you would just have to reopen the tunnel after an IP
> change).

I can recommend OpenVPN there: it'll try reconnecting every five seconds
if the link dies; it can work with SSL certificates rather than
passwords; and it's fairly reliable IME.

> I assume iptables can be tweaked to redirect port 22 for crest to port
> 2622 or whatever on sol, with similar tricks for http and smtp. I would
> have to look at some example rules to pull it off, though.

Sure. Something like this should work:

iptables -t nat -A PREROUTING -d <old IP of crest> --dport 22 -j REDIRECT --redirect-to <new IP of crest>:2622

if I'm not mistaken (writing this from memory), but at the very least it
will show you what you need.

> Note that I will have to clear any of this with the biophys IT guys, and
> it would take a while to set up. Pointing crest.d.o and m68k.d.o to
> Christian's dyndns would be quicker but less functional.

-- 
<Lo-lan-do> Home is where you have to wash the dishes.
  -- #debian-devel, Freenode, 2004-09-22
Reply to: