VPN (PPTP) blocked. Is there a solution?
January 29, 2010 10:40 PM   Subscribe

VPN (PPTP) blocked. Is there a solution?

I have a VPN (PPTP) account at a British university. Several work-critical services require that I be connected to this particular VPN -- including access to the university high performance computing cluster, journal websites, online databases etc.

Unfortunately the service provider I am using in Oman appears to block PPTP traffic. Please help me get some work done this month! Is there a work-around?

I'm on a mac if that makes a difference
posted by jonesor to Computers & Internet (10 answers total)
Look for a proxy tunnel over https. You may need to set up a server at the school.
posted by sammyo at 11:50 PM on January 29, 2010

Are they doing deep packet inspection? Can you try simply changing port numbers?
posted by Netzapper at 12:21 AM on January 30, 2010

Tunnel PPP over SSH. Or if it's all web stuff just forward a port to an internal HTTP proxy and use an epic PAC file. I have a sample I can post tomorrow.
posted by vsync at 1:40 AM on January 30, 2010

Response by poster: Sammyo - thanks I've got a proxy tunnel over https working in Firefox, but I can't figure out how to make it work with VPN. Can someone give/point me to instructions to do this in OSX (Tiger). I need to connect to my work's HPC cluster via ssh in Terminal and this is only possible if I'm already connected via VPN.

Netzapper - no idea. And I don't know how to change port numbers in OSX.

vsync - thanks, I'd like to see your sample.
posted by jonesor at 3:16 AM on January 30, 2010

Changing port numbers (whatever that means in this case) and tunneling a PPTP VPN over SSH are both ineffective and/or impossible, so don't bother.

You will probably need to vary your approach slightly, depending on whether you need HTTP(S) or SSH access. The best approach would be to have SSH access to a machine that itself has access to your journal articles and to the high-performance computing cluster. You could use that one machine to set up a SOCKS proxy over an SSH tunneland relay SSH traffic from your machine to the cluster on another tunnel.
posted by one more dead town's last parade at 3:36 AM on January 30, 2010

Response by poster: Well, I need to access the HPC via ssh. Ordinarily, back in the UK, I just start up VPN and I'm in. Simply trying to do ssh to access the HPC (without first connecting to the VPN) fails because it rejects traffic from outside the college network.

Would it be a viable option to ssh through an HTTPS tunnel?

I came across an application called corkscrew that looks like it might do the job. It looks quite fiddly to install/configure though.
posted by jonesor at 4:53 AM on January 30, 2010

journal websites, online databases etc. [...] I've got a proxy tunnel over https working in Firefox

Does your university use Athens? Many of the big e-resources use it; it bypasses the need for a VPN.
posted by Mike1024 at 4:55 AM on January 30, 2010

Response by poster: Partial success! - I can now access all the journals databases etc. I did this using a proxy with Firefox alone. The only thing I can't now do is SSH to the HPC cluster from Terminal.

Thanks for your answers everyone!
posted by jonesor at 5:27 AM on January 30, 2010

Can you ssh into a different host on the university network and then ssh from that host to the HPC?
posted by advicepig at 8:06 AM on January 30, 2010

Also consider using something like VNC to run a remote session back to a machine that has better connectivity. Or use some other form of remote control software (logmein.com, etc). That way you only have to get the remote session out, not a tunneled network connection. True, it will require a machine left running somewhere, but the upside is sessions stay running even when your connection breaks or slows to a grinding halt.
posted by wkearney99 at 10:46 AM on January 30, 2010

« Older Diversity resources?   |   Where could I get an "Actor's Workout" and how... Newer »
This thread is closed to new comments.