On 8/15/2011 4:43 AM, Paul van der Vlis wrote:
Hello,
I have customers with x2go installations in a local network behind NAT (fat clients), and I am looking for a way how to connect easy to them.
Of cause I can make a port forwarding, or an SSH tunnel from the fat client to my computer, but maybe you have a better and more flexible idea?
In earlyer times I used TightVNC. There was the great "-via" command, something like: vncviewer -via henk@server.henk.nl 192.168.0.33
Any ideas how to be flexible behind NAT with X2go?
Hi, Paul. Let me make sure I understand. The server is on an internal network behind NAT and users on the outside need to come in to it?
No, it are very normal fat-clients behind NAT, and only I (the sysadmin) need connect to them, to help the people when there are problems. I am looking for an easy and flexible way to connect.
( Hmmm, IPv6 is an option here. But I have many other customers where the ISP does not offer IPv6. )
What about an openvpn with correct routing? In this case your clients router is the server, your machine the client and the server pushes the routes for the connected network. Works very well here both for us employees checking into our business network on weekends/evenings and also to our clients. And it works with x2go, rdp, vnc, ssh, heck, we even have connected cups-printers over this...
That's an idea for bigger networks. For smaller networks it's maybe too much work. Thanks!
OpenVPN has 2 different modes. One is a point-to-point configuration that is simple to set up and understand (looks just like directly connected physical interfaces) but needs a process per instance. It is perfect for site-site connections or for admin access. The other is a 'server' mode that can accept a large number of connections - but you need to generate and manage ssl certificates per user.
-- Les Mikesell lesmikesell@gmail.com