[kwlug-disc] Initiating connections to OpenVPN clients

Chris Frey cdfrey at foursquare.net
Wed Jun 29 19:23:50 EDT 2011


On Wed, Jun 29, 2011 at 06:37:43PM -0400, Paul Nijjar wrote:
> My inclination is to say that the firewall in front of client C is
> blocking incoming connections from network A. But I don't know whether
> OpenVPN can do magic to get around that. Can it?

  Network A ------- Server B
     |
  OpenVPN
   Server --------VPNlink----------- Client C

So OpenVPN server and Client C must cooperate for Server B to reach C.

The firewall could be in the OpenVPN server, or on Client C itself.
But once the VPN connection is made, the physical network that Client C
is on has no role in blocking anything.  If it doesn't block the VPN
connection, it can't block anything else.

If Client C connects to Server B, is C's IP address, as viewed from B
on the same network / netmask as A?  How does that compare with C's
idea of its own IP address?


> My eventual goal is to initiate an SSH session from server B to client
> C. (Yes, I know this is weird.) Can I do this without installing
> Cygwin and SSHD on server B?

If you don't have control of all the servers, the Cygwin route is probably
easiest.

- Chris




More information about the kwlug-disc mailing list