# Punching a hole through my university's firewall...

## Shining Arcanine

Well, I thought that I had a connection to my university's VPN working recently, but it was a mistake because the university just decided to allow SSH traffic to a local server after I complained the firewall was keeping me from connecting to the server because I could not connect to the VPN on my laptop.

Anyway, I want to upload a 1.2GB tar.lzma file from my university to my home computer so I can do backups without physically being at home. I can SSH into my university's unix server. From there, I can SSH into my home computer. I cannot SSH into my home computer directly. My university's unix server gives me a 20MB quota, so I cannot scp it to the unix server and then scp it to my home computer. I am sure that there is some way of doing tunnelling through SSH that will allow me to do this.

Does anyone have any suggestions on how this would be done?

----------

## msalerno

What about setting up a webserver at home and uploading your files that way?

Or setup an ssh tunnel on your universities unix server.

----------

## Shining Arcanine

 *msalerno wrote:*   

> What about setting up a webserver at home and uploading your files that way?
> 
> Or setup an ssh tunnel on your universities unix server.

 

The SSH tunnel was what I was thinking. I found a guide to do it online:

http://www.revsys.com/writings/quicktips/ssh-tunnel.html

I thought that would be harder. Now if only Verizon would stop changing my home's IP address on me, I would be in business. :/

----------

## xaviermiller

For your dynamic IP, you can use services like http://www.dyndns.com/

----------

## Shining Arcanine

Thanks.

I managed to fix the VPN connection to make it work (finally). My university's firewall will redirect Linux users to a login page that will allow them to do basic web browsing (and now apparently ssh to a university server). Anything more requires the VPN. For anyone interested, here is how I got things to work.

I have been using the following command from the pptp client site has a how to for Gentoo:

http://pptpclient.sourceforge.net/howto-gentoo.phtml

I followed the guide, but it would not work, so I did the following:

```
pon $TUNNEL debug dump logfd 2 nodetach
```

I examined the output and noticed a very specific error message, so I went to the following page to look it up:

http://pptpclient.sourceforge.net/howto-diagnosis.phtml#chap_failure

The error was "specifying the wrong domain (E=691)," I have no idea how what I did I fixed this, but what I did was delete the line in chap-secrets with my login information, save it and then write the same exact sequence there and it magically began to work, saying "CHAP authentication succeeded". Despite having the VPN connection working, my internet traffic was still going over the wireless connection as if there was no VPN, so I fiddled with the routing table for a few hours and then finally tried the command:

```
route add default dev ppp0
```

Everything magically started working. So I put that command in /etc/ppp/ip-up.d/999-fix-ip-table.sh (making the file as it was non-existant). I then put a del version of that command in /etc/ppp/ip-down.d/999-fix-ip-table.sh. Now whenever I do pon $TUNNEL my internet connection works and I can do whatever I want like I used to do on Windows.

I called home and spent about 20 minutes explaining how to look-up my computer's IP address and found out that it has not changed from what it was before, so either something went wrong with my virtual machine or the university has tightened its firewall to include the port to which I moved sshd. I am hoping it is the former.

By the way, I noticed that there are two clients available for dyndns. Which client do you recommend installing?

----------

