Discussion on how to establish IP tunnel by using Linux

Method 1: Encrypt the channel based on SSHde.

SSH(SecureShell) is a set of secure de network connection programs, which can realize remote login to other systems through the network. This is an encrypted decryption network protocol. However, OPENSSH not only has the function of remote login, but also can establish an encrypted IP tunnel.

Wo men, suppose the Alice.org server is located in the enterprise network de, and its IP address is 192. 168.2.200, so it can access the Internet through NAT. Wo men now needs to access Alice through a machine named bob.orgde on the Internet, that is, to log in to Alice remotely. At this time, we need to establish an IP tunnel between bob and alice. The woman first logs in to Alice and executes the command:

# ssh-r11022:127.0.01:22 Ideal @ 211./kloc-0.

This command indicates that server 211.1.1is logged in, and server de 1 1022 is directed to local port de22. After executing this command, you will be prompted to enter the password of the ideal user, and then you will log in to the remote server bob. At this time, you will find the 1 1022 port monitor on bob's netstat-ln, and keep alice's connection with bobdessh uninterrupted. After logging in to the server bob from anywhere on the Internet, we can log in to the alice server through this tunnel and execute the following commands:

# ssh localhost-p 1 1022

This command means to connect the local de 1 1022 port. Because wo men has created the tunnel from alice to bobde, connecting the local de 1 1022 port is actually to access the port number of alicede22 through the tunnel.

In this way, you can log in to the de server alice in the intranet, but because the source port is specified in the ssh command, this tunnel can generally only support one protocol, which has the advantage of de security brought by your encryption for a specific application, but it is not flexible enough. Moreover, in order to ensure the smoothness of the tunnel, the connection between alice and bobdessh cannot be disconnected, which means that the user cannot quit alice, otherwise the tunnel will be closed.

Method 2: Establish an IP tunnel using vtun.

VTun(VirtualTUNnel,) is a powerful de software, which can be used to establish IP virtual tunnels. The number of tunnel des can be unlimited, completely depending on the DE capability of the machine, and on this basis, VPN, mobile IP and other functions can be realized.

Vtun supports the de channel and has many of your functions:

* Encryption: supports authentication based on CHAPde, and adopts BlowFish 128bit key.

* Compression: supports compression algorithms such as zlib and lzo.

* Communication shaping: independent of the platform, allowing to limit the rate of entering and exiting the channel respectively.

Vtun supports the following types of channels:

* IPtunnel(tun): pppdeIP tunnel is supported.

* Ethernettunnel: supports various protocols that can realize Ethernet encapsulation, such as IPX, Appletalk, Bridge, etc.

* Serialtunnel (tty): supports serial cable de transmission mode, such as PPP and SLIP.

* Pipetunnel: supports Unix pipe de programs that you can use.

Vtun supports multiple platforms, including Linux, BSD and Solaris.

Mi Gong looks like Cecilia Cheung. Is it plastic surgery?

Can Yunnan Baiyao be used for dog trauma?

Guangzhou plastic surgery recruitment medical assistance

What are the latest orders for epidemic prevention and control in Zhejiang hospitals?

Who is more beautiful, Dilraba or Angelababy?

What are the symptoms and treatment methods of cystitis?

How many kilometers is it from Liaocheng to Beijing?

I just asked the First Affiliated Hospital of Sun Yat-sen University. Every aspect.

How to recover after skull repair surgery

A film about European and American models losing weight