Hey Adam,
I use VTun in a very similar setup, and one of the features I get is
that call-home option. I have it on an OpenWRT fw blob and there's
nothing that reduces stress more than when a newly field-burned WRT
calls the mother ship.
You'll be stuck with static IPs for much of it, unless you want to
dhcpcd/dnsmask on either end of very narrow ethertaps. I'm getting
along fine with statics, but I'm only doing a couple dozen at most. The
alternative brings in a few new complications anyway.
My setup is really vanilla: it is TCP tunnels, though, and I do put
compression and encryption where it makes sense. Watch if you're
running very small appliances: sometimes the libssl isn't available as
a shared object (a la OpenWRT) and then some tough choices needs to be
made. Consider putting your client init into inittab if you want it to
be really resilient.
Occasionally I notice the TCP-in-TCP problem, but even with VNC over
that link it's usually quite rare.
If you don't like VTun, there's also PPTPd, with the same hand-wringing
there too but centralize IP and auth setup. We suffer from a
smorgasbord of solutions.
- bish
Adam Phelps wrote:
> It sounds like this can be done with Vtun by running a Vtun server locally and
> having the VM run a Vtun client pointed back to our server, which would then
> allow us to SSH to the VM via the tunnel. Will this work? Alternately, does
> anyone on here have suggestions for a simpler solution?
--
I would go postal, but I have such bad aim.
Neil Bateman, 20090720, GTalk
------------------------------------------------------------------------------
Special Offer -- Download ArcSight Logger for FREE!
Finally, a world-class log management solution at an even better
price-free! And you'll get a free "Love Thy Logs" t-shirt when you
download Logger. Secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsisghtdev2dev
_______________________________________________
Vtun-Users mailing list
Vtun-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vtun-users
