When working remotely for a big company, we often need to access internal tools that require a VPN (virtual private network) connection. Of course, to do so, there is not a simple OpenVPN configuration file, but you will need to install a proprietary VPN that only works on Windows. However, you would like yo use your favorite Linux distribution.
You can first try to use the OpenConnect VPN client. It supports Cisco AnyConnect, Juniper, Pulse, and GlobalProtect VPNs.
However, if the VPN required has some host checker enabled, you will need to use a Virtual Machine(VM).
Using a VM
Download a Windows image and a virtualization software such as VirtualBox.
Launch the VM. Inside the VM, you can install the corporate VPN and you will be able to access internal tools, but only inside the VM. You can keep using this solution if your interaction with the VM remains small. However, if it is frequent, the switch between VM and host would be too annoying.
If you want to have access to the internal network inside your host, you can check the following section.
Using SOCKS5 proxy with ssh
Start an SSH server, Windows 10 should have this service.
OpenSSH Server can be found in
Optional features. Per default, it will be listening on port 22.
If you use VirtualBox, in the network settings, choose to use NAT and add a port forwarding rule:
Protocol: TCP Host Ip: 127.0.0.1 Host Port: 2222 Guest Port: 22
On the host, to connect the VM via SSH and create a proxy on port
ssh -D 8080 user@VM_IP -p 2222
Once connected, you can use the
localhost:8080 as a SOCKS5 proxy.
You can configure your browser to use this proxy to browse internal websites.
If the ssh connection fails, the proprietary VPN probably hides the local network.
You can then try the
Using ngrok and Squid proxy
Ngrok exposes local servers behind NATs and firewalls to the public internet over secure tunnels.
If when connected to the VPN you can still access internet, you can use ngrok to exposes a proxy server.
Let’s start ngrok to exposes the VM
3129 port to the public internet.
ngrok.exe tcp 3129
Your terminal should look similar to this
0.tcp.ngrok.io:17468 now redirects to the VM port
We need now to start a proxy server using Squid.
Modify the config to uses port
3129 and if needed add the IP of the DNS server (
Then start a Squid proxy server.
On the host, we should now be able to access to the proxy server via the ngrok address
On the host we can use the proxy indicated in ngrok. I personally use FoxyProxy on Firefox. Now you should have access to internal websites from your host browser 😎