Tom, As long as the AstLinux box can reach the PC, the VPN can as well, or can be made to.
For OpenVPN, the Firewall tab has an option: _x_ Allow OpenVPN Server tunnel to the [ 1st LAN Interface ] which allows you to select which LAN interface OpenVPN Server is allowed to. Lonnie On Dec 11, 2012, at 10:34 AM, Tom Chadwin wrote: > Hi Lonnie > > To clarify: if I set the Astlinux box up as a VPN server (probably OpenVPN > road warrior), and I connect to that remotely, will I be able to reach other > machines on the remote LAN, even though they do not have the Astlinux box > set as their default gateway/route? > > Thanks > > Tom > > > -----Original Message----- > From: Tom Chadwin [mailto:[email protected]] > Sent: 10 December 2012 16:29 > To: 'AstLinux Users Mailing List' > Subject: RE: [Astlinux-users] NAT rule > > Understood. No, we have no VPNs set up on the Astlinux box - the firewall on > the main line (which was down) is the VPN endpoint. I shall look at setting > up an OpenVPN for this very situation in the future. Thanks for the > suggestion. > > Thanks again > > Tom > > > -----Original Message----- > From: Lonnie Abelbeck [mailto:[email protected]] > Sent: 10 December 2012 16:27 > To: AstLinux Users Mailing List > Cc: Tom Chadwin > Subject: Re: [Astlinux-users] NAT rule > > Tom, > > I see what you are trying to do, but the source address of your NAT EXT-LAN > packet to the PC will be the address the PC sends the reply to, and that > will no doubt go via your default gateway... which is down. > > Though, if you had a VPN server enabled on the AstLinux box then you should > be able to reach your internal PC. PPTP Server may be the easiest for a > quick temporary solution, but OpenVPN Server or IPSec Mobile would be a > better long term solution. > > Lonnie > > > On Dec 10, 2012, at 9:57 AM, Tom Chadwin wrote: > >> Hi Lonnie >> >> OK, so that's not the explanation of why my RDP session would not > connect. >> Basic networking question follows: >> >> This Astlinux box is not the gateway for our Windows boxes. Does this >> mean that, even if I set a port-forward up right on the Astlinux box >> (which I think I did), there is no way to get the Windows box to send >> it's reply via the Astlinux box, rather than via the normal gateway >> (which in this instance was down, which is the problem I am trying to > solve)? >> >> Thanks for all the help >> >> Tom >> >> >> -----Original Message----- >> From: Lonnie Abelbeck [mailto:[email protected]] >> Sent: 10 December 2012 15:47 >> To: AstLinux Users Mailing List >> Cc: Tom Chadwin >> Subject: Re: [Astlinux-users] NAT rule >> >> Hi Tom, >> >> The Firewall tab's "NAT EXT:" entry specifies which external IP the >> rule applies to, by default it is 0/0 which is any external IP. You >> probably only have one external IP address. >> >> So, something like this would work for RDP >> -- >> NAT EXT-LAN Protocol: TCP Src: 0/0 Port: 3389 Dst: 192.168.100.10 > Port: >> 3389 NAT EXT: 0/0 >> >> { Restart Firewall } - _x_ Confirm >> -- >> >> For the advanced, special case where your external interface has more >> than one static IP address defined via the Advanced variable >> EXTIP_ALIAS >> (user.conf): >> >> EXTIP_ALIAS="1.2.3.11" >> >> In this case, in addition to the static external IP address defined in >> the Network tab (assume 1.2.3.10), the 1.2.3.11 address will also be > 'aliased' >> to the same external interface. For this case when NAT'ing, you can > use: >> -- >> NAT EXT: 1.2.3.10 >> -- or -- >> NAT EXT: 1.2.3.11 >> -- or -- >> NAT EXT: 0/0 >> -- >> to specify if the NAT rule should apply to only 1.2.3.10, or only >> 1.2.3.11 or both 0/0. >> >> Lonnie >> >> >> On Dec 10, 2012, at 8:04 AM, Tom Chadwin wrote: >> >>> Hello all >>> >>> Just lost main connection to a remote site, but the Astlinux box >>> (also on the LAN) on its own line is up and reachable. I'm therefore >>> trying to set up a port forward on the Astlinux box to allow me to >>> RDP from here to a Windows box on the LAN. >>> >>> Have added a "NAT EXT>LAN" rule. This brings up another field >>> labelled "NAT EXT", with the default value of 0/0. What is this? >>> Should I enter something here? I cannot establish the RDP session >>> yet, so something isn't >> working. >>> >>> Thanks >>> >>> Tom >> >> >> >> ---------------------------------------------------------------------- >> -------- LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free >> Trial Remotely access PCs and mobile devices and provide instant >> support Improve your efficiency, and focus on delivering more >> value-add services Discover what IT Professionals Know. Rescue >> delivers http://p.sf.net/sfu/logmein_12329d2d >> _______________________________________________ >> Astlinux-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to > [email protected]. >> >> > > > > ------------------------------------------------------------------------------ > LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial > Remotely access PCs and mobile devices and provide instant support > Improve your efficiency, and focus on delivering more value-add services > Discover what IT Professionals Know. Rescue delivers > http://p.sf.net/sfu/logmein_12329d2d > _______________________________________________ > Astlinux-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [email protected]. > > ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
