|
|
| Author |
Message |
htjiawi
Guest
|
 Posted: Apr 21, 2004 5:46pm Post subject: connecting to your home PC from behind proxy / firewall |
 |
|
use HTTPS protocol to connect to your home PC all you need is
ORENOSP. search google for ORENOSP.
sample configuration file for server: sproxy.conf
# this is configuration file user by ORENOSP service running on server with direct internet connection
# the client PC from behind corporate proxy and firewall can access this server provided
# the client is allowed to access https site from inside corporate proxy
# using this program client will be able to access Terminal Server using Remote Desktop,
# Telnet, Proxy from Internet Explorer,
# Remotely Anywhere, and many other
# application including openvpn
# the advantage of this application is that it only require one port open on your home firewall
# usually port 443 (HTTPS) and will allowed you to access multiple application on your home
# through this one open port and you can still access all this application even when you
# are behind corporate proxy and corporate firewall
# sample provided here open 3 services: terminal service (rdp), telnet and webproxy
# to use it you will need to modify the following variables in this files:
# user_id
# password
# password_for_certificate (you create this when generating your certificate)
# change the port for services corresponding to your services setting
# for terminal service to work you will need windows 2000 server or windows 2003 server
# or windows xp with terminal service enable
# all label must match on this file and to the corresponding otunnel.conf on client
#
# Very simple orensp ssl reverse proxy configuration
# for 0.4.0 or later
tunnel_enable=1
# proxy listens on standard HTTPS port
# and forwards all requests to http://localhost:80
# listen port
proxy_listen_name = lis-ssl 0.0.0.0@443 https
# proxy to tunneling gateway
proxy_sslvpn_label = /vpn/rdp
proxy_sslvpn_label = /vpn/telnet
proxy_sslvpn_label = /vpn/proxy
#if backend server is using non-standard port, use
# proxy_pass_by = lis lis-ssl http://localhost:2000
#proxy_auth_url = <extended-url-pattern> [options]
proxy_auth_url = lis-ssl://*/* -u="user_id:password" -rlm="NEWSERVER"
#
# SSL: pass phrase for server private key
#
proxy_ssl_keypass = password_for_certificate
#
# --- tunneling settings ---
# Notice there's no tunnel-specific listen port defined (tunnel_listen_name)
#
#tunnel_listen_name = mpx 0.0.0.0@443 ssl -mpx=sslvpn
tunnel_dest_name = lan-rdp localhost:3389 raw
tunnel_dest_name = lan-telnet localhost:23 raw
tunnel_dest_name = lan-proxy localhost:81 raw
tunnel_pass_by = label /vpn/rdp lan-rdp
tunnel_pass_by = label /vpn/telnet lan-telnet
tunnel_pass_by = label /vpn/proxy lan-proxy
# access log file
#proxy_log_access_io = single logs/access.log
#
# HTTP compression
# uncomment both lines below to enable HTTP compression
#proxy_filter_define = comp-txtonly mod_filt_zlib mtype="text/"
#proxy_filter_assign = * comp-txtonly
#
# URL rewrite in contents (response bodies)
# uncomment both lines below AND create simple_subst.conf to describe
# replacement rules (see Users' Guide)
# Note: these must come after HTTP compression settings in config file.
#proxy_filter_define = ext-rewrite mod_filt_ext int=rewrite_simple mtype="text/html"
#proxy_filter_assign = * ext-rewrite
#end
************************************************************8
sample configuration for client: otunnel.conf
************************************************************
# configuration for orenosp-cli (in otunnel.conf)
# this is a sample configuration and it is used with otunnel.exe
# command line to activate this configuration from client PC from inside corporate proxy
# provided user is allowed to access any https site
# command line: otunnel -c
# this sample configuration provide 3 services by only opening one port on external server
# with direct internet connection (port 443, see server configuration: sproxy.conf file for detail)
# you need to change the following items on this file:
# your.internet.ip.address
# user_id (set when generating key on ORENOSP server and also on sproxy.conf)
# password (set when generating key on ORENOSP server and also on sproxy.conf)
# note: tunnel_listen_name must match with tunnel_pass_by
# tunnel_pass_by must match with proxy_ssl_vpnlabel on sproxy.conf)
# your can used any port on client PC as long as your client application allowed it
tunnel_listen_name = rdp 0.0.0.0@88 raw
tunnel_listen_name = telnet 0.0.0.0@28 raw
tunnel_listen_name = proxy 0.0.0.0@81 raw
tunnel_dest_name = your.internet.ip.address your.internet.ip.address:443 ssl -mpx=sslvpn -proxy=proxy_server:8080
tunnel_pass_by = lis rdp your.internet.ip.address -mpxlabel=/vpn/rdp -auth=user_id:password
tunnel_pass_by = lis telnet your.internet.ip.address -mpxlabel=/vpn/telnet -auth=user_id:password
tunnel_pass_by = lis proxy your.internet.ip.address -mpxlabel=/vpn/proxy -auth=user_id:password
Good Luck |
|
| Back to top |
|
 |
Guest
|
| Posted: Oct 07, 2005 11:12am Post subject: Re: connecting to your home PC from behind proxy / firewall |
|
|
| htjiawi wrote: | use HTTPS protocol to connect to your home PC all you need is
ORENOSP. search google for ORENOSP.
sample configuration file for server: sproxy.conf
# this is configuration file user by ORENOSP service running on server with direct internet connection
# the client PC from behind corporate proxy and firewall can access this server provided
# the client is allowed to access https site from inside corporate proxy
# using this program client will be able to access Terminal Server using Remote Desktop,
# Telnet, Proxy from Internet Explorer,
# Remotely Anywhere, and many other
# application including openvpn
# the advantage of this application is that it only require one port open on your home firewall
# usually port 443 (HTTPS) and will allowed you to access multiple application on your home
# through this one open port and you can still access all this application even when you
# are behind corporate proxy and corporate firewall
# sample provided here open 3 services: terminal service (rdp), telnet and webproxy
# to use it you will need to modify the following variables in this files:
# user_id
# password
# password_for_certificate (you create this when generating your certificate)
# change the port for services corresponding to your services setting
# for terminal service to work you will need windows 2000 server or windows 2003 server
# or windows xp with terminal service enable
# all label must match on this file and to the corresponding otunnel.conf on client
#
# Very simple orensp ssl reverse proxy configuration
# for 0.4.0 or later
tunnel_enable=1
# proxy listens on standard HTTPS port
# and forwards all requests to http://localhost:80
# listen port
proxy_listen_name = lis-ssl 0.0.0.0@443 https
# proxy to tunneling gateway
proxy_sslvpn_label = /vpn/rdp
proxy_sslvpn_label = /vpn/telnet
proxy_sslvpn_label = /vpn/proxy
#if backend server is using non-standard port, use
# proxy_pass_by = lis lis-ssl http://localhost:2000
#proxy_auth_url = <extended-url-pattern> <user-password-list> [options]
proxy_auth_url = lis-ssl://*/* -u="user_id:password" -rlm="NEWSERVER"
#
# SSL: pass phrase for server private key
#
proxy_ssl_keypass = password_for_certificate
#
# --- tunneling settings ---
# Notice there's no tunnel-specific listen port defined (tunnel_listen_name)
#
#tunnel_listen_name = mpx 0.0.0.0@443 ssl -mpx=sslvpn
tunnel_dest_name = lan-rdp localhost:3389 raw
tunnel_dest_name = lan-telnet localhost:23 raw
tunnel_dest_name = lan-proxy localhost:81 raw
tunnel_pass_by = label /vpn/rdp lan-rdp
tunnel_pass_by = label /vpn/telnet lan-telnet
tunnel_pass_by = label /vpn/proxy lan-proxy
# access log file
#proxy_log_access_io = single logs/access.log
#
# HTTP compression
# uncomment both lines below to enable HTTP compression
#proxy_filter_define = comp-txtonly mod_filt_zlib mtype="text/"
#proxy_filter_assign = * comp-txtonly
#
# URL rewrite in contents (response bodies)
# uncomment both lines below AND create simple_subst.conf to describe
# replacement rules (see Users' Guide)
# Note: these must come after HTTP compression settings in config file.
#proxy_filter_define = ext-rewrite mod_filt_ext int=rewrite_simple mtype="text/html"
#proxy_filter_assign = * ext-rewrite
#end
************************************************************8
sample configuration for client: otunnel.conf
************************************************************
# configuration for orenosp-cli (in otunnel.conf)
# this is a sample configuration and it is used with otunnel.exe
# command line to activate this configuration from client PC from inside corporate proxy
# provided user is allowed to access any https site
# command line: otunnel -c
# this sample configuration provide 3 services by only opening one port on external server
# with direct internet connection (port 443, see server configuration: sproxy.conf file for detail)
# you need to change the following items on this file:
# your.internet.ip.address
# user_id (set when generating key on ORENOSP server and also on sproxy.conf)
# password (set when generating key on ORENOSP server and also on sproxy.conf)
# note: tunnel_listen_name must match with tunnel_pass_by
# tunnel_pass_by must match with proxy_ssl_vpnlabel on sproxy.conf)
# your can used any port on client PC as long as your client application allowed it
tunnel_listen_name = rdp 0.0.0.0@88 raw
tunnel_listen_name = telnet 0.0.0.0@28 raw
tunnel_listen_name = proxy 0.0.0.0@81 raw
tunnel_dest_name = your.internet.ip.address your.internet.ip.address:443 ssl -mpx=sslvpn -proxy=proxy_server:8080
tunnel_pass_by = lis rdp your.internet.ip.address -mpxlabel=/vpn/rdp -auth=user_id:password
tunnel_pass_by = lis telnet your.internet.ip.address -mpxlabel=/vpn/telnet -auth=user_id:password
tunnel_pass_by = lis proxy your.internet.ip.address -mpxlabel=/vpn/proxy -auth=user_id:password
Good Luck |
|
|
| Back to top |
|
|
|
|
| |
Register
Log in
