Nothing special, but just a funny post…
I am working for a client that has another client for whom I deliver the product. During the last month I gained the remote access to their network for the installations and debug. Sounds easy eh?
My client has a corporate HTTP proxy, so no other traffic but HTTP should be able to get out. Unsurprisingly they need to manage HTTPS connections somehow or the employees will go mad. Here you have two options, either permit HTTP CONNECT method to any IP address and port or maintain a white list. The second was the choice of my client. which means “HTTP CONNECT <myserverininternet>:<whatever TCP app port> HTTP/1.0” opens the door. So far so good. So I install an OpenVPN server on my internet host, client on my laptop and I am in a normal NAT environment.
Now, the my clients client gives me a VPN client that I should use to connect to their concentrator. A windows one. Great. Installing VMWare, installing a gues MS OS, installing an OpenVPN client, click connect, connects, 5 sec – disconnects. Why? Because the clever VPN client disconnected me from local connections, so VPN over VPN is not an option. Fine, bridging “Local area connection” with tap0, configuring IP address – wow, online. Connects and stays connected.
I will not describe 2 weeks calls to gain firewalls configured to access the needed hosts, something that the reader should know if familiar with enterprise way-to-work.
Now, I am also given a Citrix Metaframe client, so I launch it to get a remote desktop of some MS2000 terminal server that has SecureCRT installed. Using that SecureCRT I can login to a Solaris host with SSH and jump to our host from there. WOW, here we go now….
The only thing left is the file transfer, how do I do that? Lucky me, Citrix client on connect mounts the client PC disks to the server, so I can take the files. But the guest OS is disconnected from local net, which means I cannot directly take the files from LAN or my laptop disk. Great. Lucky me again, VMWare support USB. So I can mount a USB storage on the host, copy the files, unmount it, mount in guest OS, transfer to Solaris and from there to our host.
The moral? no moral, just plain fun …