Setting up remote access

After getting my lab going I find ever so often while at work or on a business trip, I need to do a quick test of a scenario and I have no access to my equipment. When I had regular ADSL internet this was not a problem as I could easily configure DYNDNS on my modem and then vpn into my network from outside. This is no longer the case however with the new fiber service as now my provider has implemented CG-NAT and is leasing a routable public IP  for almost the same cost as the service.

I thought about using teamviewer but my lab network, by design is separated from my how network so not a viable option.

The next option I looked at is creating the equivalent of an hamachi tunnel where the remote sites dont need to rely on a local public IP but traffic between sites can be routed using the native private subnets.

My solution ended up looking like this.

lab

I created an ubuntu VPS on the amazon cloud and installed strongswan 5.3 then I setup a tunnel between my edge router and the strongswan server, publishing all the subnets for both my lab and the house network.

I then created a roadwarrior account on the strongswan for my laptop and tablet then by the magic of VPN I now have access to my home network using all private IPs and most importantly, without having to pony up a rental fee for a public IP.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s