Tunnel all internet traffic through a VPN?

[KScorp]

See SOLUTION below for a step by step guide to how to set up a tunnel!

 

With my university setting up some semi-harsh download limits for wired connections in their dorm rooms, I try to use their wireless connection when possible. However, nearly every port is blocked, whitelisting only the bare minimum, such as HTTP (80), among others. Needless to say, the only thing it's good for is surfing the internet.

 

What I WANT to do is play some games, and download over steam. The problem is, I can't connect to Steam due the blocked ports.

 

So, the new thing I'm trying to do is get all my traffic sent to my home computer, basically a proxy for everything. My first two attempts involved setting up a VPN. I HAVE managed to set up Hamachi, which works fine (but doesn't do what I want), and I also was able to set up a VPN through Windows (which doesn't work, but that's because I was connecting through Hamachi, whoops). Well, since I was doing all of this remotely, I ended up breaking the internet connection on the remote computer, so I can't really do anything anymore. D: I'll fix this later...

 

But that's beside the point. Does anyone know how I can tunnel all my traffic through to my home computer? The limitations are the limited ports I have to work with. The end result I want is to be able to use any internet programs on my University's wireless network, regardless of the ports they need. Does anyone know of a way to go about this?

 

EDIT: SOLUTION

 

Here is a step by step guide on how to set up your internet to tunnel all traffic through to your home computer.

 

What you need:

- A computer that does not have restricted internet access. (I will refer to this as the server.)

 

1) Set up an SSH server on your home computer. This is a tough step that requires its own tutorial. I used the tutorial found here, but feel free to use other methods. The one I linked may not be desirable for everyone, since it makes quite a lot of changes to your computer. If you do follow the tutorial I linked to, follow it up until "Connect to your server", since that's what this tutorial will cover.

 

2) Install PuTTY on your client computer (that is, the computer that has restricted internet). You need either Windows or a UNIX operating system. If you have Windows, simply download putty.exe. For UNIX, download the appropriate source and compile it. (I will not go into how to do that here.)

 

3) Install ProxyCap. This is a 30-day trial program, but it does what we need very easily. I'll look for a free alternative later.

 

4) Now that everything is installed, we have to set up each program. The SSH server should be set up correctly if you followed the tutorial correctly. However, it's important that you forwarded port 22 (or whatever port you used for your server) on the router your server is connected to.

 

5) Time to set up PuTTY. Run PuTTY.exe. The first window open should be "Session". Under "Host Name", put in the IP of your server.

 

6) Under connection type, select SSH. The port will change to 22, which I hope is not a port that your university limits. If it is, you'll have to set up your SSH server to listen on a different port that your university doesn't block. If you can surf the web, 80 and usually 443 should be OK, but there are other risks to opening those ports.

 

7) Under saved sessions, name your connection something, and hit "Save". This will allow you to easily connect in the future.

 

8) Now, on the left, go to Connection > SSH > Tunnels. Both the checkboxes under Port forwarding should be left unchecked. Under "Add new forwarded port", put in 55555 as the source port. (You can put in any number between 1 and 65535 if you desire, but I advise against using ports below 1000, as many ports underneath that are reserved for other purposes. I'll simply be using 55555 to refer to the number you decide to put in.) For destination, put "localhost", without quotes. Mark the "Dynamic" radio button, and the "Auto" selection. Finally, hit the "Add" button on the right. Under "Forwarded ports", "D55555" should appear.

 

9) You finished configuring PuTTY! Go back to the Session category on the left, and save your settings again. Test your connection by hitting "Open" on the bottom. (Make sure your server is running!)

 

10) If your connection works, it will ask for the password to your server. Otherwise, there can be many ways that the connection failed. Double check that you set up the server correctly, and that the ports for the server are forwarded correctly. Also make sure PuTTY has the correct IP and port selected.

 

11) If PuTTY connects correctly, the last thing to do is set up ProxyCap. Run ProxyCap, right click on the icon in your system tray, and select preferences. Go to Ruleset > Proxies on the left. Press the "New Proxy" button on the top right (it's the left most button, and looks grayred out).

 

12) For "Type", select SOCKS5. For "Host", put in localhost. For "Port", put in 55555.

 

13) Now, under Ruleset > Rules, create a new rule (unless one exists already will every field at "All"), clicking the "New Rule" button on the top right. Here, make sure "Redirect through proxy" is set, "Not restricted" is set, "All Programs" is set, destination IP range is "Not Restricted", and both TCP and UDP are checked. Hit OK.

 

14) Close the preferences tab, and make sure the ProxyCap icon isn't greyed out in the system tray. If it is, right click and select "Enable".

 

15) At this point, you should be all set! You'll know everything is working if you go into your web browser, go to whatismyip.com, and the IP that shows up is the IP of your server.

 

 

And that's that. I'm currently looking for a working free ProxyCap alternative, so expect an update (possibly soon) if I find one. Please tell me if there are any mistakes in my tutorial.

[Harry]

download limits

You could TRY to see if you could get around them by changing your computer's MAC address. Though if they find out, they will probably punish you hard and/or kick you out. There is really no way to get around these.

 

tunnel all my traffic through to my home computer

On Windows, I have no idea (I assume you are using Windows). You could try running and port-forwarding a Linux VM on your home box, and use SSH-Tunneling at school.

https://help.ubuntu.com/community/SSH_VPN - this guide should explain it all about server-side. http://www.oreillynet.com/wireless/2001/02/23/wep.html - should explain it Windows-clientside.

 

Ideally, you could ask your school to stop being so mean and unblock some ports needed for Steam

[KScorp]

I could change the MAC address, but that's easy as crap to detect, and they would shut down the wired access in my room. I would have done it before if there wasn't that hanging over my head.

 

I wish they would unlock those ports, but as I said they only unlocked the bare minimum for "security."

 

It wouldn't be difficult to set up Linux VPM on my home computer, hell I could even use a Live version if I really wanted. But it looks like all it's doing is setting up a VPN. I'll look into that second link you gave me more deeply. (Yes, I use Windows.)

 

I'm hoping there is be an easier way to do this though... I'll keep trying to set it up, but if anyone knows a surefire way to go about this I'm all ears.

[Dark Torcher]

The VPN option is the right idea, and there are other ways to do something like this.

I don't know about Hamachi since I haven't used it for a long time.

I'll start working on it since I'd also like to get free access vs restricted access while on campus.

 

Of course, you could just do a remote desktop but that would eat up bandwidth and be slow (since most campus limit speeds per user and is not really what you want.

[PotshotPolka]

Talk to Itch, he works on a college university's network.

[Dirk]

what an insane coincidence! I just solved this in the last day at my school. I had been running a pptp vpn to bypass the firewall but they blocked all ports but 443 and 80 after some security breaches. They also blocked gre which is required for pptp so that wont work anymore. soooo..... what i did it set up an OpenSSH server on the pc at home i use as server. (you can find this for windows with a few searches on google.) once i had the openssh for windows installed I forwarded port 443 (HTTPS) through my router. I then connect to my ssh server using a program called putty (once again google it its free) once connected you can use putty as a SOCKs proxy and tunnel through. It works! faster than the vpn too. plus its encrypted so they cant see whats going through. it just looks like normal HTTPS traffic.

 

let me know if you need the specifics of the configuration.

[Dirk]

oh make sure you get putty with dynamic tunneling as a feature. the older versions dont have it.

[KScorp]

I'm trying out what you said, Dirkjr, and I've found some handy articles, but are you sure it's OpenSSL you're talking about? I found plenty about OpenSSH, not so much with SSL. >.

 

I'm having trouble getting my server to run, so I'll keep trying to get that to work, if you have any other tips for me please tell me. If this works I'll be extremely happy.

 

EDIT: I've gotten an SSH SOCKs v5 Tunnel to work great with Firefox, although the only thing I've managed to do with it so far is proxy through Firefox. I followed this tutorial, but I still have to figure out how to tunnel other ports on my own, without needing to configure anything with them... might be tough.

 

If you could explain more clearly how to set up an SSL (or SSH) tunnel, I'd greatly appreciate it. I couldn't understand what you did to get your tunnel to work.

[Dirk]

ah so sorry. my bad yes it is openSSH.

[Dirk]

I'm trying out what you said, Dirkjr, and I've found some handy articles, but are you sure it's OpenSSL you're talking about? I found plenty about OpenSSH, not so much with SSL. >.

 

I'm having trouble getting my server to run, so I'll keep trying to get that to work, if you have any other tips for me please tell me. If this works I'll be extremely happy.

 

EDIT: I've gotten an SSH SOCKs v5 Tunnel to work great with Firefox, although the only thing I've managed to do with it so far is proxy through Firefox. I followed this tutorial, but I still have to figure out how to tunnel other ports on my own, without needing to configure anything with them... might be tough.

 

ok for the other applications you may need to find a program, such as sockscap, to "socksify" your applications. the only limitations i have run into are related to protocols (like GRE) that are not udp or tcp and, as far as i know, cannot run through a SOCKs proxy.