OpenVPN.

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

----- "Marko Vojinovic" <vvmarko at panet.co.yu> wrote:
> Sorry for an off-topic post, but a lot of you folks are sysadmins here
> or there, and just might have a suggestion... ;-)
>
> I have a WinXP machine that is to be unattended for a period of 3
> years (yes, I know, it sounds ridiculous, but still...). What I need
> is remote access to it to perform regular system maintenance, virus
> cleanups, occasional software installations, reboots, config changes,
> etc.
>
> Of course, rdesktop would do it, or vnc server or something else. The
> problem is that this machine is behind a NAT, and I cannot access it
> remotely from outside (and I need access from wherever on the planet
> I may happen to be).
>
> Basically, I need to set up some type of ssh tunnelling from XP
> (machine A) to my static-IP-24/7-high-bandwidth-CentOS server
> (machine B) and then further to my laptop (machine C, Fedora 10)
> located elsewhere (possibly behind another NAT, I can't know in
> advance). I have root access for all three machines (A, B and C). Of
> course, all three are on different LANs.
>
> However, I have never done anything like this before, so I wonder
> what is the best method of creating such a setup?
>
> One of my ideas was to make some script on A which would connect to B
> once every 15 minutes or so, look for a flagfile, and if present,
> initiate connection with C directly or through B if necessary. That
> means, if I want access from C to A, I ssh from C to B and create a
> flagfile, wait 15 minutes or so, and an rdesktop (or vnc or other)
> appears on my laptop. In theory.
>
> Or is there some other XP-tool that might do what I want out of the
> box? However, it needs to be absolutely automatic, there will be
> nobody around to do anything locally on A once I leave it.
>
> Another idea I had was to have machine A running as a virtual machine
> on a CentOS host (vmware or such would suffice). Then I could easily
> configure the above A-to-B-to-C scenario, shut down the virtual A,
> pull its hard disk file to C, start it locally, perform maintenance,
> push it back to host A and run it again as a vm. But this is highly
> complicated, takes too much time and bandwidth, so I hope something
> simpler is available.
>
> Yet another idea is to ask A's ISP to provide a static IP for that
> machine, or to forward some available port to A, which could be used
> by rdesktop in some customized fashion. But the ISP may refuse such
> requests, and I need a robust solution.
>
> Yet even another idea is to put another CentOS machine (D) between A
> and A's ISP (create a local LAN). Then initiate ssh -X connection
> from C to D (somehow, via flagfile scenario or such), and then
> rdesktop from D to A over a local LAN.
>
> The main problem is NAT, if machine A had a world-accessible IP, I
> would just rdesktop from C to A, but alas, it doesn't... :-(
>
> Any suggestions about the best way of doing this?
>
> Thanks, :-)
> Marko
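
An added example, not part of either post: a minimal OpenVPN configuration pair for the topology described in the question, where machine A dials out to machine B so that A's NAT never needs an inbound port. The hostname `b.example.org`, the 10.8.0.0/24 subnet and all certificate, key and DH file names are placeholders assumed for illustration.

```conf
# ---- server.conf on machine B (CentOS, public static IP) ----
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key                  # private key: readable by root only
dh dh.pem
server 10.8.0.0 255.255.255.0   # constructed VPN subnet; B takes 10.8.0.1
ifconfig-pool-persist ipp.txt   # A gets the same tunnel address after every reconnect
client-to-client                # lets laptop C reach A through B
keepalive 10 60                 # pings pushed to clients keep A's NAT mapping open
tls-auth ta.key 0               # drop packets lacking the shared HMAC before TLS starts
persist-key
persist-tun
user nobody                     # drop privileges after startup
group nobody
verb 3

# ---- client.ovpn on machine A (WinXP behind NAT, OpenVPN run as a service) ----
client
dev tun
proto udp
remote b.example.org 1194       # placeholder for B's static address
resolv-retry infinite           # unattended host: never give up resolving B
nobind                          # outbound only, no fixed local port
persist-key
persist-tun
ca ca.crt
cert machine-a.crt              # one certificate per client, so A or C can be revoked alone
key machine-a.key
remote-cert-tls server          # refuse a peer that does not present a server certificate
tls-auth ta.key 1
verb 3
```

Laptop C uses the same client file with its own certificate and key. On A, limit the RDP or VNC listener to the tunnel subnet in the host firewall so the remote-access service is reachable only through the VPN.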