Setting up OpenVPN

Linux  Debian 

Source: http://wiki.debian.org/OpenVPN

Install the openvpn package on both client and server.

apt-get install openvpn

Server-side, copy key generating script from openvpn example to /etc/openvpn:

cd /etc/openvpn
cp -a /usr/share/doc/openvpn/examples/easy-rsa/2.0/ easy-rsa

Edit the bottom of /etc/openvpn/easy-rsa/vars according to your organization.

export KEY_COUNTRY="Some country"
export KEY_PROVINCE="Some province/state"
export KEY_CITY="Some City"
export KEY_ORG="Some Organization"
export KEY_EMAIL="some@email.address"

Execute the following commands:

cd easy-rsa/
. ./vars
./clean-all

Generate CERTIFICATE AUTHORITY (CA) CERTIFICATE/KEY.

./build-ca

Generate BUILD AN INTERMEDIATE CERTIFICATE AUTHORITY CERTIFICATE/KEY.

./build-key-server server

Generate BUILD DIFFIE-HELLMAN PARAMETERS (necessary for the server end of a SSL/TLS connection).

./build-dh

Generate key for each client.

./build-key clientname

Copy the files ca.crt, clientname.crt, clientname.key from the server to client into the /etc/openvpn/easy-rsa/keys/ directory.

On the server create /etc/openvpn/server.conf as follows. Make sure empty lines are completely empty, i.e. no spaces. The port and keepalive lines are optional if you want to use a non-standard port or customized keepalive behaviour. You probably want to change the server line to the desired values.

port 12345
proto udp
dev tun

topology subnet

ca      /etc/openvpn/easy-rsa/keys/ca.crt
cert    /etc/openvpn/easy-rsa/keys/server.crt
key     /etc/openvpn/easy-rsa/keys/server.key
dh      /etc/openvpn/easy-rsa/keys/dh1024.pem

server 192.168.100.0 255.255.255.0
ifconfig-pool-persist ipp.txt

keepalive 10 30

comp-lzo
persist-key
persist-tun

status /var/log/openvpn-status.log

verb 3
client-to-client

Server: Restart OpenVPN.

/etc/init.d/openvpn restart

On the client create /etc/openvpn/client.conf as follows. Don’t forget to change the port and remote lines to match the server settings.

client
dev tun
port 12345
proto udp

remote server_hostname_or_ip 12345
nobind

ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/clientname.crt
key /etc/openvpn/easy-rsa/keys/clientname.key

comp-lzo
persist-key
persist-tun

status /var/log/openvpn-status.log

verb 3

Client: Restart OpenVPN.

/etc/init.d/openvpn restart

Setting up Siproxd

Linux  OpenWRT 

Sources: [1][], [2][], [3][], [4][] [1]: http://wargle.blogspot.ca/2008/09/get-sip-phone-to-work-with-openwrt-on.html [2]: https://forum.openwrt.org/viewtopic.php?id=9397 [3]: http://siproxd.sourceforge.net/index.php?op=odoc [4]: http://wiki.openwrt.org/oldwiki/SIPwithTransparentProxyAndNokiaE61HowTo

Install Siproxd.

Edit /etc/config/siproxd. If you change rtp_port_low and/or rtp_port_high, make sure to change the next step accordingly.

config siproxd general
    option if_inbound        br-lan
    option if_outbound       eth1
    option rtp_port_low      8000
    option rtp_port_high     8050
    option registration_file /tmp/siproxd_registrations-general
    option rtp_timeout       150
    option default_expires   150

Edit /etc/config/firewall to transparently redirect SIP traffic to Siproxd.

config redirect
    option src       'lan'
    option dest      'wan'
    option proto     'udp'
    option src_dport '5060-5062'
    option dest_ip   '192.168.2.1'
    option dest_port '5060'
    option target    'DNAT'

config rule
    option src       'wan'
    option proto     'udp'
    option dest_port '5060-5062'
    option target    'ACCEPT'

config rule
    option src       'wan'
    option proto     'udp'
    option dest_port '8000-8050'
    option target    'ACCEPT'

Setting up Xpra

Linux  Debian 

Install Xpra on the server and client:

apt-get install xpra

To easily use Xpra in a LAN/VPN for one command at a time, create the following script. Please note that this script will not work for a remote system behind a NAT without the necessary ports opened. Change HOST and PORT to the desired values.

#!/bin/sh

HOST=remote
PORT=20100

ssh $HOST -- xpra start :100 --start-child="$@" --exit-with-children --bind-tcp=0.0.0.0:$PORT

# Tries to open HOST:PORT up to 10 times
for i in $(seq 0 9); do
    if netcat -v -w 2 $HOST -z $PORT; then
        break;
    fi
    sleep 2
done

xpra attach --encoding=x264 tcp:$HOST:$PORT

Then use the script like this, assuming it’s called remote_xpra.sh:

./remote_xpra.sh xterm

X11VNC as a Xinetd Service

Linux  Debian 

Source: http://ubuntuforums.org/showthread.php?t=363236

Install necessary packages

apt-get install x11vnc xinetd

Edit ~/.x11vncrc (as root)

display :0
quiet
nopw
auth guess

Edit /etc/xinetd.d/x11vnc

service x11vnc
{
        port            = 5900
        type            = UNLISTED
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = /usr/bin/x11vnc
        server_args     = -inetd -o /var/log/x11vnc.log -bg
        disable         = no
        only_from       = 192.168.100.0
}

Restart xinetd

/etc/init.d/xinetd restart