Hi Everyone!

Juli Mallett juli at clockworksquid.com
Fri May 1 10:17:29 PDT 2009 

Hey Fred,

You should be able to use any IPv4 address, not just localhost, so you
can dispense with SSH and use routable IPs directly.

As for getting the client traffic to WANProxy in the first place, you
have a number of options -- during a trial period you could point your
branch office clients at 172.22.1.88:445 instead of spork:445, by
connecting to \\172.22.1.88.  Once you're satisfied with how it's
working, if there are no other services you need to access on Spork
from the branch office, you could override Spork's DNS entry to point
to 172.22.1.88 when queried from the branch office (if you're using
DNS) or override it in WINS -- I'm not sure how you do the latter.
Depending on what kind of network equipment you've got, you could also
probably configure it to redirect the connections on the fly.

Hope this helps,
Juli.

On Fri, May 1, 2009 at 8:14 AM, Fred Richards <Fred.Richards at kayaker.com> wrote:
>
> I'm really excited about this project, and I apologize for posting in html.
>
> I *think* I've figured out what I'd like to do:
>
>
> Branch Office Wanproxy Client: 172.22.1.88
> Main Office Wanproxy Server: 192.168.100.4
> Spork (Win Shares): 192.168.100.7
>
> client.conf -
>
> flow-table incoming-encode
> proxy flow-table incoming-encode 172.22.1.88 445 decoder none to 127.0.0.1 3300 encoder xcodec
>
> server.conf -
>
> flow-table internal-decode
> proxy flow-table internal-decode 127.0.0.1 3300 decoder xcodec to 192.168.100.7 445 encoder none
>
>
> issue command on Client:
>
> ssh -L 3300:localhost:3300 user at 192.168.100.4 wanproxy -c server.conf
>
>
>
> Then trick the Client(s) into thinking "Spork" is 172.22.1.88 instead of 192.168.100.7 ... my issue is where I redirect port 445 requests... inside wanproxy?  With cisco route maps?  With the ssh port forward?
>
> Will Wanproxy redirect the output of the tunnel to a machine other than itself?  The docs on the site seem to indicate so, making mention of the names "server" and "intranet".
>
> Also, using ssh may not be necessary (it's a good idea if this was sent over a plain unencrypted internet link) as this is all happening over a VPN.  I can imagine I can change the 127.0.0.1 IP's to 192.168.100.4, and remove the ssh requirement.  Of course, the server-side command would still need to be run, via crontab or something.
>
>
> Comments, suggestions, flames?
>
>
> ________________________________________
> From: wanproxy-bounces at lists.wanproxy.org [mailto:wanproxy-bounces at lists.wanproxy.org] On Behalf Of Fred Richards
> Sent: Friday, May 01, 2009 10:43 AM
> To: wanproxy at lists.wanproxy.org
> Subject: Hi Everyone!
>
> I'm planning on using Wanproxy in a branch/main office situation where we would need to cut down some of the chatter seen by SMB (windows drive shares).  I realize this is what many of the "big boys" do for wan optimization.  The good news is all the traffic happens over tcp/445.
>
> My plan is to have a mac 10.5 machine on each end of the link, one as the server (in the main office location) and one as the client (in the branch location).
>
> My trouble is coming from directing port 445 to those two devices... my setup looks like so:
>
> (Win Server w/ Shares) → (Mac Server w/ Wanproxy) ---  T1 w/ VPN --- (Mac Client w/ Wanproxy) → (Win Client)
>
> Directing the Win Client should be easy, I can "fake" local dns, stick the hostname it's looking for in the hosts file, etc.  The trick is to direct the server side from wanproxy to the appropriate server.  Guess I could use a cisco route map if necessary...
> _______________________________________________
> wanproxy mailing list
> wanproxy at lists.wanproxy.org
> http://lists.wanproxy.org/listinfo.cgi/wanproxy-wanproxy.org
>

More information about the wanproxy mailing list