VPN is what you want. Wireguard isn’t very complicated to configure though. You should use that if your VPS supports it.
Also I believe you will need to do additional config if you’re port-forwarding through the VPN.
VPN is what you want. Wireguard isn’t very complicated to configure though. You should use that if your VPS supports it.
Also I believe you will need to do additional config if you’re port-forwarding through the VPN.
sadly, wiregard don’t allow bridge VPN, only tunnel since it’s layer3 network protocol. i really need this ip to just be forwarded, no nat (mandatory tunnel) and nothing else on that vps.
double nat have already caused me way to much issue in the past, never again.
Assuming your “remote server” only has one IP address and not a block of multiple unused IPs, you MUST do NAT on that server to route traffic from other systems. But you really don’t need the NAT on your pfsense router. Set it up as an VPN gateway on the internal interface, and allow the internal/private IPs through, to be NAT’d (just once) on the remote server.
i thought about that, but it mean having to managed the forwarding on the remote, and i would like to keep it centralized. (i use some dynamic functionality within pfsense that would be a pain to reproduce)
I’ll keep it in mind but if i can (and i can) get an additional dedicated public ip on that remote server, can i do it the way i had in mind ?
it’s not like ipv4 are in a shortage/s
is there a write up i can read to refresh me and explain what search domain is? i always get confused when i see an ip entry for it
It the setting to autoappend the domain name onto a host name when trying to connect.
ssh user@host
vs ssh [email protected]
EDIT: Missed the thing about IP entry, never seen that before.
just plop stuff down in your ~/.ssh/config
.
For example, I have a few different VPN’s I have on most of the time for work so I do a proxy command that will select the approriate key and domain.
Host *.prod
ForwardAgent yes
UseKeychain yes
AddKeysToAgent yes
IdentityFile ~/.ssh/id_rsa
User USER
ProxyCommand ssh -q -W %h.DOMAIN.COM:%p [email protected]
So all I have to do is ssh on the host I want and tack on the domain env and boom.
The proxy one at the bottom is out bastion host.
@freqlabs @thro and anyone else using Macs on a regular basis:
Do you bother using iterm2 or just stick with plain old terminal. I have always just used terminal. Trying iterm2 now, but the only feature that matters to me so far is accurate 256-color rendering which is pretty superficial.
No, it’s a meme. I use the Terminal.
For splitting panes it was nice but I started using tmux
and vsp
and vert term
and what not in vim.
I’ve seen a lot of developers using iterm2 at my company. I could ask them why if you’d like.
You’re going to get generic, bullshit answers.
Ask them, please. I want to start a betting pool.
My Default 80x24 green on green on black basic bitch terminal.
Transparency included. Todo List came about with a lot of shitty C dev abilities. I flex on the lowercase I users
TIL you own and use a Mac.
Most of the time I’m ssh’d into it from my ITX Small Linux build ECC DDR 4 ZFS VFIO Nested GPU Passthrough machine.
But for calls and connecting to the VPN I use the Mac
That word salad just landed you a job at Red Hat.
I use iterm2
for the sole reason, that when you share the window via Zoom, that Zoom can pick up on all of the terminal tabs in the window instead of the active tab which is how the regular terminal application does things.
This is the only reason.
My turn!
OhMyZsh with the ys
theme.
I just want to play video games on my nested KVM Windows 10 Home VM
Powerlevel10k or gtfo
Dynamic_Gravity has left the chat
Love the references DBZ gets – But I hate ZSH and everything about it
Off topic Eddie Hall has shoes that when you tighten the strap it says “Over 9,000” lol