I had to set up a similar scenario with a reverse tunnel and also
traversing proxies in the middle. I achieved that with an openvpn
tunnel. It showed that it is very robust against link failures. Maybe you
can compile openvpn for your embedded linux.


2008/10/29, Christian Gagneraud :
> Hi all,
> I have a box running embedded linux, which has 2 network interfaces, the
> first (eth0) is the "normal" interface, the other one (ppp0) is used as
> a back-up link (in case eth0 is down, we still want to be able to
> connect to the box).
> The box is installed on the sea, a few miles away from the shore, the box
> accesses internet through eth0 which is connected to a transparent WIFI
> bridge and finally to an ADSL router.
> The ppp0 is a GPRS connection via a modem, as my provider doesn't allow
> incoming connections, I need to set up a reverse tunnel if I want to be
> able to connect remotely to the box.
> I know I can set up the reverse tunnel with something like "ssh -CNR
> :localhost:2222 middleuser@middleserver", we use this on
> other projects that have only ppp0 to access internet, and it works
> fine.
> It is critical for us to be able to access the box 24/7, the services
> provided by this box need a good bandwidth, that's why we need a
> broadband connection. The ppp0 will be only used in case of
> eth0/internet failure to investigate the problem(s).
> Actually the WIFI link is the weakness of the system, the embedded WIFI
> bridge can fail due to various reasons including misalignment (the system
> can drift from its original position), corrosion (sea water is a
> killer), power supply failures, ...
> Finally, my problem is that I would like to simply force the reverse
> tunnel to use only ppp0. And at the same time I need the default route
> to go through eth0 (that is needed for the main programs running on this
> box)
> So, this is what I would like to achieve:
> /----------- ppp0 --------| GPRS Modem |---{internet}
> | /---- lo
> | | /-- eth0 --------| ADSL router|---{internet}
> | | |
> | | |
> | ssh daemon (2222), main apps
> |
> \-- ssh -CNR ...
> I have the feeling that there's no way to tell ssh to make a reverse
> tunnel through a specific interface and ignore the default route, and
> that I will have to find a way via the kernel network set-up, and I have
> no clue on how to do this. I don't want to use an automatic/redundant
> route, because if my app tries to use ppp0, then the link will be stuck,
> because this app is bandwidth hungry and anyway this app needs incoming
> connections...
> So, perhaps someone will come here with an idea using only ssh...
> With best regards,
> Chris
> PS: Please CC me as I'm not subscribed to the list.
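
The "kernel network set-up" route asked about above, as an added example that is not from either poster: bind the ssh client to ppp0's address and add a source-based policy rule, so only that connection leaves via ppp0 while the default route stays on eth0. Assumptions: iproute2 and an OpenSSH client are available, routing table 100 is unused, and `REMOTE_PORT` is a placeholder for the port elided in the original command.

```shell
#!/bin/sh
# Added example (not from the thread): pin the ssh reverse tunnel to ppp0 with
# source-based policy routing, leaving the main default route on eth0.
# Assumptions: iproute2 + OpenSSH client, routing table 100 is unused, and
# REMOTE_PORT stands in for the port that is elided in the original command.
TABLE=100
IFACE=ppp0
REMOTE_PORT=${REMOTE_PORT:-REMOTE_PORT}   # placeholder, set to the real port
DRY_RUN=${DRY_RUN:-1}                     # 1 = only print the commands

# Read `ip -o -4 addr show dev IFACE` output on stdin, print the local address.
# Handles "inet A.B.C.D/NN" and the PPP form "inet A.B.C.D peer W.X.Y.Z/32".
iface_addr() {
    awk '$3 == "inet" { split($4, a, "/"); print a[1]; exit }'
}

# Print each command; also execute it unless DRY_RUN=1.
run() {
    echo "$*"
    if [ "$DRY_RUN" != 1 ]; then "$@"; fi
}

# Packets whose source is ADDR consult only table TABLE, whose sole default
# route is ppp0. Everything else keeps using the main table (eth0).
pin_source_to_iface() {
    addr=$1
    # Drop a stale copy of the rule first so re-runs do not fail or pile up.
    [ "$DRY_RUN" = 1 ] || ip rule del from "$addr" lookup "$TABLE" 2>/dev/null
    run ip route replace default dev "$IFACE" table "$TABLE"
    run ip rule add from "$addr" lookup "$TABLE"
}

# -b binds the client socket to ppp0's address, so the rule above applies to
# this one connection. ExitOnForwardFailure makes ssh exit when the remote
# listener cannot be created, so a supervisor can restart it.
start_tunnel() {
    addr=$1
    run ssh -b "$addr" -CNR "$REMOTE_PORT:localhost:2222" \
        -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 \
        middleuser@middleserver
}

if [ "${1:-}" = up ]; then
    addr=$(ip -o -4 addr show dev "$IFACE" | iface_addr)
    [ -n "$addr" ] || { echo "$IFACE has no IPv4 address" >&2; exit 1; }
    pin_source_to_iface "$addr" && start_tunnel "$addr"
fi
```

Run it with the argument `up` each time ppp0 comes up, since a GPRS address usually changes between sessions; set `DRY_RUN=0` to execute the commands instead of printing them.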