[OSX-Users] VPN to soton

Hugh Glaser hugh.glaser at icloud.com
Sat Feb 18 17:17:31 GMT 2017 

Ah - I begin to see where a problem is :-)
DDNS
So I might as well report.

I think:
After I connect to the VPN, all the incoming stuff still works fine to the old IP.
But, after a while, my ddns script causes a new IP in my DDNS server, and of course after some further time, this propagates.
Now, if something tries to connect to me, it gets a 152.78 address.
All is still good, although that traffic (which could be an incoming VPN to me over the outgoing VPN to soton!) is now all routed via soton.
But when I disconnect, the problem is clear - things that were connecting to me are still connecting to the 152.78 address, and have the 152.78 in their DNS cache too.
In time the cache will re-sync, but the existing connections to 152.78 are broken.

I think that is right.
I suspect I could fix my DDNS script to check whether VPN is active, and not reset the server, but life's too short :-)

> On 15 Feb 2017, at 18:48, Hugh Glaser <hg at ecs.soton.ac.uk> wrote:
> 
>> 
>> On 15 Feb 2017, at 16:53, Tim Chown <tjc at ecs.soton.ac.uk> wrote:
>> 
>>> On 15 Feb 2017, at 16:10, Hugh Glaser <hg at ecs.soton.ac.uk> wrote:
>>> 
>>>> On 15 Feb 2017, at 16:02, Jules Field <Jules at ecs.soton.ac.uk> wrote:
>>>> 
>>>> On 15/02/2017 15:53, Tim Chown wrote:
>>>>> On 15 Feb 2017, at 15:46, Hugh Glaser <hg at ecs.soton.ac.uk> wrote:
>>>>>> It is a real pain, by the way, if you want someone to complain.
>>>>>> My machine at home also serves incoming stuff for web services, and I also want to be able to access it from away from home, either as ssh or various file or screen sharing options and/or VPN(!, yes it runs a VPN server, of course :-) ).
>>>>>> That means I need to ensure that the VPN to Soton is not running when I leave home - and of course that means it closes my ssh connections to the University that had to start under VPN to allow access.
>>>>> Try mosh?
>>> Yeah, that would help on the disconnection problem (although actually ssh will survive for quiet a long time if you don't touch it.)
>>> But that is only part of the problem.
>> 
>> Maybe I misunderstood, what’s the other part?
> I'm not sure that all the incoming stuff works properly - I have a feeling that it won't route incoming VPN over the VPN, but I'm not sure.
> Certainly it drops the mounting of a shared disk on another machine, and I have to reconnect.
> Anyway, now I have a solution, it's all good :-)
> 
>> 
>> Tim

More information about the Osx-users mailing list