[an error occurred while processing this directive] Zebedee secure tunnel - Tom Sneddon's stuff [an error occurred while processing this directive]

"Excuse me please. My ear is full of milk..."

– Oliver Hardy, Going Bye Bye (1934)

Skip on down to the menu.

Zebedee secure tunnel

According to the Zebedee web site:

Zebedee is a simple program to establish an encrypted, compressed “tunnel” for TCP/IP or UDP data transfer between two systems. This allows traffic such as telnet, ftp and X to be protected from snooping as well as potentially gaining performance over low-bandwidth networks from compression

Using Zebedee as a VPN for Laptop Users

Overview:

I cooked up a solution that, to steal an Apple term, just works. Nothing is required of the user.

I use an open-source program called Zebedee to create compressed and encrypted tunnels from VPN users to our server. I use pre-shared keys to make the system not vulnerable to man-in-the-middle attacks.

The original Zebedee website is not active any more, but I have archived a local copy if the manual from the Internet Archive.

With this software VPN users can get their company email and browse the company intranet whenever they are connected to the Internet.

Installing Zebedee

For Windows, I use the version 2.5.3 from SourceForge available here or my local copy of zbd253setup.exe.

For Linux clients I've had to figure out how to compile Zebedee from scratch. After much frustration I finally got it to work. I've detailed the steps taken to compile Zebedee for SuSE Linux.

I've also had success building Zebedee on Mac OS X. If you are familiar with the SuSE instructions, it should go well. You'll need to install Homebrew, and at least gcc.

Implementation and results:

Initially there was a problem with connections freezing up, but that was found to be a result of using a 16k packet size instead of the default 8k. Since I switched back to the 8k packet there has not been one lockup.

So far this solution has worked great. To make it seamless, create entries in your hosts file and then use a proxy config script to direct traffic through Zebedee where necessary. For example:

Hosts file:

127.0.0.100    vpn.localresource.mydomain.com

Proxy config script:

function FindProxyForURL(url, host) {
    var tunnelViaZebedee = "PROXY vpn.localresource.mydomain.com:30000";
    // This assumes that Zebedee is listening on port 30000.
    
    if (dnsDomainIs(host,"localresource.mydomain.com")) {
        return tunnelViaZebedee;
    }
    else {
        return DIRECT;
    }
}

If you don't want to tunnel traffic inside the local network, a more advanced proxy config script could decide if the user is outside the local network and only then direct traffic through Zebedee.

Web site design by

In order to avoid spam this site requires JavaScript to display the e-mail links.

Last modified on Thursday, 26-Mar-2020 10:25:48 CDT

validcss.png (1K)

"And the Son will shine
And the reign won't fall
And I know inside
How He loves us all."
~ poor old lu