Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 30 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 46460 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

All traffic via StrongVPN/HideMyAss etc.???

BorisTheSpider
Hi,

I am considering getting one of the public VPN services like HideMyAss or StrongVPN - can I use the site-to-site VPN functionality in Astaro and set this up so any internet bound traffic gets routed via the VPN service?

I believe, from initial reading, the SSL vpn wouldn't work for this because I wouldn't have the right type of config file to give my astaro, so I guess it's got to be IPSEC.

If people have done this, perhaps you could tell me which particular providers of VPN service this is tested and working with, and any setup pointers you can provide are obviously appreciated.


This thread was automatically locked due to age.
  • 0
    With a some adjustments I got things working (.ovpn to .apc, and Site-to-Site connection up) following Ben83's instructions.  No command line activity was needed on the UTM side only WebAdmin.
  • 0
    Hi, it would be great if you could post your configuration: files and screenshots.

    Thanks,
    Barry
  • 0 in reply to teched_01
    With a some adjustments I got things working (.ovpn to .apc, and Site-to-Site connection up) following Ben83's instructions.  No command line activity was needed on the UTM side only WebAdmin.


    Teched,

    Can you help me setup openvpn for use with PIA.
    openvpn config files:


    If so please with a step by step guide. .

    thnx
  • 0
    Xianx, I'm sorry, but I deleted the external link in your post. Please [Edit] that post, click on [Go Advanced] and attach your zip file to the post. We can't know if that external site is properly protected. The only malware I've gotten in over 10 years was from a link to a picture in this forum several years ago.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Aside from the likely problems ben83 pointed out:  I'm not at all likely to use the PIA service or document it "for fun".

    Better documenting my changes and process for ovpn/apc is on my todo list, but it has already been there for four weeks - it isn't the highest priority for me.

    Another mechanism that might be worth considering is using an external device for the tunnel termination and having it as a second WAN on the UTM.
  • 0
    teched: thats what i am doing for a few weeks now. I setup a sophos utm on a vhoster that supports own ISOs. Costs $5 a month with 1 TB transfer volume. I set it up as a RED Device and have that connection in my uplink interfaces and i am using it with multipath to sent mails over it and get my VPN connection inbound. (DS-Lite here)

    works really great. Name of the service is available via PM as i don't want to put public advertisement here.
  • 0 in reply to ben83

    The Dropbox link Ben83 provided is dead. Does anyone have Ben83's archive?

  • 0

    Why not to setup a Linux VM in your LAN to act  as an internal router?

    You could install an app from VPN provider on Linux or configure OpenVPN to manage the traffic - then connect to VPN Service Provider.

    Then you could use Linux as a Gateway on all other systems within the Lan. Or simply change DHCP settings on UTM or other server, to point to Linux VPN internal router.

     

    Setup:

    Client -> Linux with VPN -> Sophos UTM - this way traffic from your Client would be encapsulated in VPN connection established by Linux with VPN.

  • 0 in reply to JacekG

    Jace's is the only successful approach I know of.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML