I've got a problem I'm sure is a common one, but I haven't been able to find a simple solution for it on my own. I've got a remote router (Mikrotik Routerboard) in the field I want to be able to log in to via SSH, but it has a dynamic IP, and is behind another NATed and firewalled router I don't have control of. At the office I have a FreeBSD machine I have full control of, that's acting as a gateway using the pf firewall. It also has a dynamic IP, but it doesn't change often and also has a DNS hostname that never changes.
I guess the best way to do this would be to create a tunnel from the remote router back to the FreeBSD machine, but what would be the best protocol to use? I don't want broadcast packets, internet traffic, DNS, or anything else going over the link, just a simple point-to-point tunnel. Someone told me to try using OpenVPN, but it seems like it's too complicated for what I need; after hours and hours of trying to create SSL certificates and reading the nine million or so pages of the documentation I still didn't have a working connection, just a headache. I've also tried the MPD5 and Poptop servers, but haven't had much luck establishing a connection with those either; the guides I found are either out of date or refer to the Linux versions.
I've also tried setting up a Windows machine as a PPTP server and forwarding port 1723 to it with the following pf rules:
Code:
rdr on $ext_if inet proto tcp from any to any port 1723 -> 10.0.0.8 port 1723
pass inet proto tcp from any to any port 1723
but I keep getting "Error 806", which is something about how the router may not be configured to allow GRE protocol packets, but since GRE uses TCP shouldn't that be covered by the pass rule?
There has to be an easy way to do this.