The Poor Man VPN

You may have an IT team in your company who believe company productivity will be boosted if company disallow access to social media , streaming or even the soundcloud. Although some recent studies show that productivity has nothing to do with such sites

Don’t get me wrong, but I hate to be restricted or not having access to what I want, of course I won’t visit illegal sites or hiding my gampling history! using the corporate network but also I need some level of freedom to perform well. I will manage my own time!

Anyways whatever your final goal, make sure you’re not breaking any corporate policies

So let’s start

First here’s the topology and the normal call flow for Enterprise Network


What we will try to accomplish is manipulate the corporate gateway and establish an SSH tunnel back to our home network (where everything is accessible from there and free!) then we will redirect our browsing traffic to home network back and forth.

No just that, we will enhance the tunneling by connecting our home router to DDNS provider

From firewall perspective, we just established an innocent SSH connection to somewhere in the internet



Tools Used

Home Network

1-Modem (Home Router) that support Port Forwarding (most routers nowdays do)

2-VMware to run squid proxy server and SSH over Centos Machine

3-DDNS account ( is my favorite, However if your purchased an static IP from your ISP then this step is not necessary but remember this solution is for poor guys J )

Client in Corporate

4-MobaXterm (to establish SSH tunnel back to VMware)

5- Browser

1-Configuring the Modem(Router)

Here we need to configure Port forwarding on our modem, head to (or whatever the default IP address for the router )


Configure SSH port forwarding.


Name: SSH-Proxy

Protocol: TCP

WAN Interface: pppoe2 //or whatever the connection that you configured

WAN Port: 2289 //the incoming connection port, you can choose whatever you want also

LAN Open Port: 22 //Default SSH port of the SSH service running on SQUID Server

LAN IP Address: //IP address assigned to SQUID server

Now any incoming IP address from the WAN asking for port 2289 will be mapped to internal LAN IP address( in your home network

2-SQUID Config on VMware

Squid is an open source and high end proxy server used as an intermediate node between your HTTP traffic and your evil IT Manager. It will source the traffic from it’s own IP hiding it from corporate firewall

Install it using yum (for Centos)

#yum install squid



#apt-get install squid (For Debian and Ubuntu)

Now you need to configure few elements inside the SQUID file

#vim /etc/squid/squid.conf


Here we will add two entries in ACL (Access-List) to allow SQUID to accept traffic from them

acl localnet src

acl localnet src <Your Company Public IP>/8 //You can know company public IP by visiting

leave everything as it is, the default configuration is just fine!

Now let’s start the squid server

#/etc/init.d/squid start

Make sure it’s listing to default port 3128

#netstat –antup | grep 3128

3-DDNS Account

Ok, now let’s setup no-ip account. You can know more about DDNS(Dynamic DNS) and how to use it in this short video, if you’re in hurry then skip and continue to the below steps

1- Head to


2- Create free account


3- Pickup a domain name



Host is created successfully and will take sometime to publish to root DNS


4- Install DUC client in any PC inside your Home network (this will ensure the domain name is updated with your public IP address each time the ISP assign to you a new IP address).


Now let’s setup our company laptop with two things, tool to establish SSH tunnel back to our home network and configure browser to use this SSH tunnel


1-Choose Tunneling


2- Choose Local port forwarding


Click on Save and then press play button to establish it. If everything is ok then you should prompted to enter the password for the SSH server(SQUID)


5-Change Browser Setting

Now fire chrome and in choose Settings

Choose Network

Choose Change Proxy Settings

Choose Connections | LAN Settings

Enter the IP address and port of local tunnel (

Press Ok



If you check your squid log, you will find hostnames that redirected by SQUID.



#tail -f /var/log/squid/access.log


Wrapping up

Ok, everything now is connected and The traffic is completely hidden from corporate network and they can’t see what’s going on inside your SSH tunnel back to your home. The SSH tunnel is a popular method of establishing SECURE connections between nodes and in this blog we use it to manipulate corporate gateway and gain access to blocked contents.

Not also you can use it to access website, but also you can access all resources in your home. You can RDP/VNC/SSH to any windows/linux machine.


Share you opinion to benefit others :)

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s