Search Results

Search found 2193 results on 88 pages for 'multichannel vpn'.

Page 52/88 | < Previous Page | 48 49 50 51 52 53 54 55 56 57 58 59  | Next Page >

  • OpenVPN multiple servers on the same subnet, high availability

    - by andre
    Hey everyone. Let me start by saying that my Linux experience isn't super awesome but I can usually find my way around things easily. Over at work we have an OpenVPN setup that's been due for some improvement for a while now. The main server (tap mode) runs in our office, behind a rather slow DSL connection. The main problem is that, since I'm usually out of the office, every time I want to access something on the virtual network I have to go through that server to get anywhere else. We have two servers up on 100 Mbit connections that we use for development and production purposes, about 3 more servers in the office (one of them behind a different T1 line for VOIP) and about two dozen clients who use the network on a daily basis from various locations. We've had situations where network routing (outside of our control) would not allow people to reach our main OpenVPN server whilst the other locations were connectable. Also any time someone outside the office wants to fetch something from any of the servers (say, a 500 MB code repository), a whopping 20 KB/s download speed is just unacceptable these days (did I mention slow DSL? ok). We had to implement traffic shaping on this server since maxing out this connection was fairly trivial. I had the thought of running two (or more) OpenVPN servers in the network. These would have to have the same subnet though, as our application relies on virtual network's IP addresses for some of its core functionality. The clients would also preferably retain the same IP addresses but that's not vital. For simplicity, lets call the current server office and the second server I'm setting up, cloud. Call the server on the T1 phone. This proved to be rather complex because as soon as I connect to cloud, I cannot see office. Any routes to a server that would go through office also do not work while I'm connected to cloud (no ping, nothing) and vice-versa. There's no rules for iptables that would be blocking the traffic either. Recently I came across this article on linuxjournal but the solution they provide seems to only cover the use of two servers and somewhat outdated (can't even find much documentation, their wiki is offline). They also state that adding more servers would be a complex task. Ideally I would like to keep the existing server office running the virtual network and also run the OpenVPN daemon on the cloud and phone servers (100 Mbit and very reliable connection, respectively) so that we're on safe ground in case of a hardware failure, DSL failure, etc. So, in essence, I'm looking for a highly available OpenVPN solution (fix, patch, hack, tweak, whatever you want to call it) that will accept connections on multiple hosts (2 or more) whilst keeping the same IP address subnet regardless of the server to which you connect to. Thanks for reading and sorry for the long post, I hope it gets the point across :P

    Read the article

  • L2TP and multiple interfaces on the machine

    - by Alex
    We have setup ipsec and l2tp on linux. One question came up (due to firewall management policy) is whether it's possible to have 1 virtual interface instead of one per connected client. Now we have: ppp0 serverip clientip1 ppp1 serverip clientip2 Want to have: l2tp_tun serverip serverip like with OpenVPN's tun interfaces and then to be able to push IP address and route to each client.

    Read the article

  • OpenVPN Permission Denied Error

    - by LordCover
    I am setting OpenVPN up, and I'm in the state of adding users. Details: Host System: Windows Server 2003 32-bit. Guest System: Ubuntu Linux (with OpenVPN installed already), actually I downloaded it from OpenVPN.Net. Virtualization: VMWare v7.0 Problem: I can access the Access Server web portal (on the port 5480), but when I login to http://host_ip:943/admin and enter my (correct) login info, it shows me a page saying that "You don't have enough permissions". I am the (root) user!!!! that is really weird!!! Note: if I enter wrong login it will denote an incorrect login, this means that I am logging in successfully but the problem comes after the login process. What I tried: I tried to create another user after (root) logging in to Linux Bash using (useradd) command, but the same resulted.

    Read the article

  • Can remote LogMeIn Hamachi users access our local LAN?

    - by Kev
    Unknown to me, one of the kids has installed LogMeIn Hamachi on his PC so that he can access and play on his pal's Minecraft server, and vice versa. One of the things I did was disable the Client for Microsoft Networks and File and Printer Sharing for Microsoft Networks on the Hamachi NIC in Windows 7's Network Connections. However, my lack of fu when it comes to these types of services is leaving me feeling a little uncomfortable about him using this. Is there anything I should be worried about here? For example, can his friends access our local LAN (which has a number of NAS boxes with unsecured shares) and get up to no good?

    Read the article

  • Openbsd init script for ssh VPN tunnel

    - by manthis
    I have a server hosting SSH tunnels and Openbsd 4.5 clients connecting to it. Things work just fine but I am in the need of automating the connection from the client to the server. So that if the client is accidentally rebooted, then the connection initiates unattended. So it should be as straight forward as to include the ssh connection in an init script. However I have miserably failed to do so by including it to /etc/rc.local, which is the file I usually do this sort of things in. Right now I am using autossh to also restart the connection if necessary and the script that I put on /etc/rc.local follows: #!/bin/sh # # Example script to start up tunnel with autossh. # # This script will tunnel 2200 from the remote host # to 22 on the local host. On remote host do: # ssh -p 2200 localhost # # $Id: autossh.host,v 1.6 2004/01/24 05:53:09 harding Exp $ # ID=root HOST=example.com #AUTOSSH_POLL=600 #AUTOSSH_PORT=20000 #AUTOSSH_GATETIME=30 #AUTOSSH_LOGFILE=$HOST.log #AUTOSSH_DEBUG=yes #AUTOSSH_PATH=/usr/local/bin/ssh export AUTOSSH_POLL AUTOSSH_LOGFILE AUTOSSH_DEBUG AUTOSSH_PATH AUTOSSH_GATETIME AUTOSSH_PORT autossh -2 -f -M 20000 ${ID}@${HOST} The script detaches just fine when run manually so I just include it on /etc/rc.local as echo -n 'starting local daemons:' if [ -x /usr/local/sbin/autossh.sh ]; then echo -n 'ssh tunnel' /usr/local/sbin/autossh.sh fi echo '.' I have also tried calling it from /etc/hostname.tun0 in case there may be issues with /etc/rc.local not being called at the right time when network connections are ready, so I would use: inet 10.254.254.2 255.255.255.252 10.254.254.1 !/usr/local/sbin/autossh.sh Your input is highly appreciated.

    Read the article

  • Help with OpenVPN setup on Windows Server 2003

    - by Bill Johnson
    Hi all, Just wondering if someone can assist me further with the set-up of OpenVPN on my Windows Server 2003. I have configured Win Server as per the following guide: http://tinyurl.com/kxusv and I'm now at the stage of Creating the config files. I have a few questions that I need some assistance with. My server IP is 192.168.1.10 and my routers IP address is 192.168.1.1 (the router is a Netgear DGN2000). I have edited the server.ovpn file as per the following: push "dhcp-option DNS X.X.X.X" # Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS) push "dhcp-option DNS X.X.X.X" # A second DNS server if you have one to include my ISP DNS and I have not edited anything else. Now my issue is with the client1.opvpn file as per the below: client dev tap #dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name proto udp remote YOURHOST.dyndns.org 1194 #You will need to enter you dyndns account or static IP address here. The number following it is the port you set in the server's config route 192.168.1.0 255.255.255.0 vpn_gateway 3 #This it the IP address scheme and subnet of your normal network your server is on. Your router would usually be 192.168.1.1 resolv-retry infinite nobind persist-key persist-tun ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt" cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.crt" # Change the next two lines to match the files in the keys directory. This should be be different for each client. key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.key" # This file should be kept secret ns-cert-type server cipher BF-CBC # Blowfish (default) encrytion comp-lzo verb 1 To me it looks like I will need to amend the following: remote YOURHOST.dyndns.org 1194 #You will need to enter you dyndns account or static IP address here. The number following it is the port you set in the server's config route 192.168.1.0 255.255.255.0 vpn_gateway 3 #This it the IP address scheme and subnet of your normal network your server is on. Your router would usually be 192.168.1.1 So, should the first line be the static IP of the machine that I'm applying this to? The IP address of the server (192.168.1.10) or something else? I'm also stuck on the second part 'route 192.168.1.0 255.255.255.0 vpn_gateway 3' Should this be the router IP which is 192.168.1.1 and the subnet is 255.255.255.0 and that is all I need to alter? The final part that I'm stuggling with is Configuring the router. Basically I have a Netgear DGN2000 and as it mentions that the router should be configured to port forward port 1194 to the server’s IP address of 192.168.1.150 all I have been able to do is in 'Firewall Rules' and on 'Inbound Services', set the Service to 'Any(ALL) and Send to LAN Server point to 1923.168.1.150. I'm not sure if this is correct? It is the following stage of the help guide that I'm struggling with and really need some help with: You need to make sure the port you configured OpenVPN to listen on is forwarded on the router to the IP address of your server. On the WRT54G, port forwarding is configured in the “Applications & Gaming” section. Enter 1194 for the port, UDP for the protocol, and 192.168.1.150 for the IP address. Make sure the entry is enabled and then save the setting. Next, you need to add an entry to the router’s Routing Table. This will enable the router to properly route requests from the clients to the TAP interface of the server. On the WRT54G you would go to the “Setup” page and then the “Advanced Routing” section. Enter the follwing info to make the entry: Enter Route Name: openVPN Destination LAN IP: 192.168.10.0 Subnet Mask: 255.255.255.252 Default Gateway: 192.168.1.150 Interface: LAN & Wireless Once the info has been typed in make sure you save the setting. Can anyone possibly guide me through setting this part up with my Netgear router. I see that once I have these 2 parts complete I'm there so I would really appreciate someone walking me through what is required in completing this. Much appreciated.

    Read the article

  • Splitting Company into two separate companies with duplicate IT infrastructure. Need Reccomendation

    - by Shanghai360
    We are dividing our company into two companies. All employees will be shared across both the companies. We have separate Accounting systems, email and other applications for both companies. There are two physical offices located within the same city block. And identical infrastructure at both. Money is not a limiting factor. How would you design the network, remote access, and configure the workstations? Thanks!

    Read the article

  • openvpn port 53 bypasses allows restrictions ( find similar ports)

    - by user181216
    scenario of wifi : i'm using wifi in hostel which having cyberoam firewall and all the computer which uses that access point. that access point have following configuration default gateway : 192.168.100.1 primary dns server : 192.168.100.1 here, when i try to open a website the cyberoam firewall redirects the page to a login page (with correct login information, we can browse internet else not), and also website access and bandwidth limitations. once i've heard about pd-proxy which finds open port and tunnels through a port ( usually udp 53). using pd-proxy with UDP 53 port, i can browse internet without login, even bandwidth limit is bypassed !!! and another software called openvpn with connecting openvpn server through udp port 53 i can browse internet without even login into the cyberoam. both of softwares uses port 53, specially openvpn with port 53, now i've a VPS server in which i can install openvpn server and connect through the VPS server to browse internet. i know why that is happening because with pinging on some website(eb. google.com) it returns it's ip address that means it allows dns queries without login. but the problem is there is already DNS service is running on the VPS server on port 53. and i can only use 53 port to bypass the limitations as i think. and i can not run openvpn service on my VPS server on port 53. so how to scan the wifi for vulnerable ports like 53 so that i can figure out the magic port and start a openvpn service on VPS on the same port. ( i want to scan similar vulnerable ports like 53 on cyberoam in which the traffic can be tunneled, not want to scan services running on ports). improvement of the question with retags and edits are always welcomed... NOTE : all these are for Educational purpose only, i'm curious about network related knowledge.....

    Read the article

  • openvpn port 53 bypasses allows restrictions ( find similar ports)

    - by user181216
    scenario of wifi : i'm using wifi in hostel which having cyberoam firewall and all the computer which uses that access point. that access point have following configuration default gateway : 192.168.100.1 primary dns server : 192.168.100.1 here, when i try to open a website the cyberoam firewall redirects the page to a login page (with correct login information, we can browse internet else not), and also website access and bandwidth limitations. once i've heard about pd-proxy which finds open port and tunnels through a port ( usually udp 53). using pd-proxy with UDP 53 port, i can browse internet without login, even bandwidth limit is bypassed !!! and another software called openvpn with connecting openvpn server through udp port 53 i can browse internet without even login into the cyberoam. both of softwares uses port 53, specially openvpn with port 53, now i've a VPS server in which i can install openvpn server and connect through the VPS server to browse internet. i know why that is happening because with pinging on some website(eb. google.com) it returns it's ip address that means it allows dns queries without login. but the problem is there is already DNS service is running on the VPS server on port 53. and i can only use 53 port to bypass the limitations as i think. and i can not run openvpn service on my VPS server on port 53. so how to scan the wifi for vulnerable ports like 53 so that i can figure out the magic port and start a openvpn service on VPS on the same port. ( i want to scan similar vulnerable ports like 53 on cyberoam in which the traffic can be tunneled, not want to scan services running on ports). improvement of the question with retags and edits are always welcomed... NOTE : all these are for Educational purpose only, i'm curious about network related knowledge.....

    Read the article

  • ADD ROUTE command in windows 2008R2

    - by Mehrdad Kamelzadeh
    I don't know much about Networking, So excuse me if I am raising some basic issues. I have a LAN where there is a Windows Server 2008R2 with some clients connected to it. The clients are not joined to the domain of the Server (they are in a WORKGROUP). I have set up a VPS on the server machine (PPTP) with a Static address pool of range 10.0.0.1 - 10.0.0.10 but the LAN range itself is 192.168.1.1 - 192.168.1.254. When I connect to the server from another location over the internet, I can just see the server and I can not see the other clients which are in the same LAN as the server. what to do to see the other clients? a friend of mine said that you should use the ADD ROUTE command. Beacuse of that I used this command as my title. What would be the best way to address this problem? Thanks

    Read the article

  • Create a tunnel to my dedicated windows server

    - by Mobiz
    I have a Win 2008 dedicated server. The remote access for MSSQL db is disabled. However I want to connect to it during development from my system. I need to create something like a tunnel from my lap so as to access it. I don't have static IP. Another reason for mentioning about creating tunnel is that my server IP has been whitelisted with other server. The data must originate from my dedicated server then only I can do the testing.

    Read the article

  • Solutions for exporting a remote desktop app (display and audio)

    - by Richard
    I'm looking for a solution that will allow me to export a desktop app running on a server to a client machine. The server is ideally Linux, the desktop is Windows (+Mac for icing on the cake). The export should be encrypted and I need to support multiple clients from one server. I only want to export an individual app, not a whole desktop, and ideally am looking for open source solutions. The obvious, cheapest, simplest choice is to use X tunnelled over ssh (e.g using Xming on the desktop) but X doesn't support audio. What are the alternatives? Or is there a way to support audio using X or in parallel to X? Thanks

    Read the article

  • Windows Server 2003 IPSec Tunnel Connected, But Not Working (Possibly NAT/RRAS Related)

    - by Kevinoid
    Configuration I have setup a "raw" IPSec tunnel between a Windows Server 2003 (SBS) machine and a Netgear FVG318 according to the instructions in Microsoft KB816514. The configuration is as follows (using the same conventions as the article): NetA | SBS2003 | FVG318 | NetB 10.0.0.0/24 | 216.x.x.x | 69.y.y.y | 10.0.254.0/24 Both the Main Mode and Quick Mode Security Associations are successfully completed and appear in the IP Security Monitor. I am also able to ping the SBS2003 server on its private address from any computer on NetB. The Problem Any traffic sent from a computer on NetA to NetB, or from SBS2003 to NetB (excluding ICMP Ping responses), is sent out on the public network interface outside the IPSec tunnel (no encryption or header authentication, as if the tunnel were not there). Pings sent from a computer on NetB to a computer on NetA successfully reach computers on NetA, but the responses are silently discarded by SBS2003 (they do not go out in the clear and do not generate any encrypted traffic). Possible Solutions Incorrect Configuration I could have mistyped something, somewhere, or KB816514 could be incorrect in some way. I have tried very hard to eliminate the first option. Have re-created the configuration several times, tried tweaking and adjusting all the settings I could without success (most prevent the SA from being established). NAT/RRAS I have seen multiple posts elsewhere suggesting that this could be due to interaction between NAT and the IPSec filters. Possibly the NetA private addresses get rewritten to 216.x.x.x before being compared with the Quick Mode IPSec filters and don't get tunneled because of the mismatch. In fact, The Cable Guy article from June 2005 "TCP/IP Packet Processing Paths" suggests that this is the case, (see step 2 and 4 of the Transit Traffic path). If this is the case, is there a way to exclude NetA-NetB traffic from NAT? Any thoughts, ideas, suggestions, and/or comments are appreciated.

    Read the article

  • openVPN as a way to connect to a LAN by another client, different from server

    - by Einar
    Setup: one LAN handled by a router without a publicly available IP address but without any outbound connection restrictions ("target LAN"); a separate server publicly reachable from the Internet ("gateway"). I am trying to set up openVPN so that a third client can connect to the "gateway" and access the "target LAN". As the router of "target LAN" is not reachable from the Internet directly, it connects to the gateway itself via openVPN as well. The problem is how to handle routing. The LAN router has two network interfaces (for the outside network and the LAN itself). In openVPN (the server on the gateway) I set client-to-client and push "route 192.168.10.0 255.255.255.0" but I assume this would be horribly wrong (it actually messed up the routing on the LAN router until I killed openVPN). openVPN is not using bridging, is configured via tun. Other config details from the server server 10.8.0.0 255.255.255.0 client-config-dir ccd route 192.168.10.0 255.255.255.0 And the client file in ccd is iroute 192.168.10.0 255.255.255.0 What can be adjusted to ensure that a third client can connect through openVPN and access the LAN mentioned earlier?

    Read the article

  • Iptables REDIRECT + openvpn problem

    - by Emilio
    I want to redirect connection to port 22 to my openvpn binded port, on 60001. Openvpn is running on server on 60001 server:~$ sudo netstat -apn | grep openvpn udp 0 0 67.xx.xx.137:60001 0.0.0.0:* 4301/openvpn I redirect on server port 22 to 60001 server:~$ sudo iptables -F -t nat server:~$ sudo iptables -A PREROUTING -t nat -p udp --dport 22 -j REDIRECT --to-ports 60001 I start openvpn client (openvpn.conf is correct, it works with remote IP 22 replaced with remote IP 60001) client:~$ ./openvpn openvpn.conf Tue Apr 27 00:42:50 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [EPOLL] built on Mar 23 2010 Tue Apr 27 00:42:50 2010 UDPv4 link local (bound): [undef]:1194 Tue Apr 27 00:42:50 2010 UDPv4 link remote: 67.xx.xx.137:22 Tue Apr 27 00:42:52 2010 read UDPv4 [ECONNREFUSED]: Connection refused (code=111) Tue Apr 27 00:42:55 2010 read UDPv4 [ECONNREFUSED]: Connection refused (code=111) ... It doesn't connect. iptables shows requests from client to server but no answers. What's wrong with it?

    Read the article

  • Have servers behind OpenVPN subnet reach connecting clients

    - by imaginative
    I am trying to find some relevant documentation or what directives I need in either the OpenVPN server configuration or client configuration to accommodate for this use case. I have an OpenVPN server that clients connect to. The OpenVPN server can communicate directly with any of the clients already, this is not an issue. The client is able to reach any machine on the private subnet where OpenVPN resides, this is also not an issue. My issue is that the reverse is currently not possible - I have servers on the same subnet as the OpenVPN box that cannot reach any of the connecting clients. I'd like to be able to SSH to them and more, the same way the client can reach the servers behind the OpenVPN subnet. What do I need to do to make this possible? I already have masquerading rules set on the OpenVPN box: iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -o eth0 -j MASQUERADE IP Forwarding is enabled: echo 1 >/proc/sys/net/ipv4/ip_forward I added a route on the server behind the private subnet to be aware of the route: 192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 What am I missing?

    Read the article

  • EasyVPN client Access mutiple subnet behind cisco 5510

    - by zatrac
    I need help with the following scenario Main network ASA 5510 (one inside 192.168.10.1 connection and one outside connection). This ASA 5510 connect to switch 3570 with 3 VLANS configured (192.168.10.0, 10.10.11.0, 10.10.12.0). On the remote site I have ASA5505 ( 10.10.13.0) connected to this ASA5510 through EZVPN, but all it can see is the 192.168.10.0 subnet. What do I need to do to get the subnet 10.10.13.0 to see all 3 internal subnets.

    Read the article

  • Create True VLAN over RAS

    - by Bigbohne
    Hi, I was wondering if it's possible. I want to create a virtual network over RAS using Windows Server 2003. The Client should be able to connect to the server using L2TP and should get an IP Adress from a private Range (lets say 192.168.1.100 - 192.168.1.200 and a subnetmask of 255.255.255.0). Now each client connected to the server should be able to ping another connected client. e.g. 192.168.1.123 <- 192.168.1.145 via RAS via the server. Is this possible? And ... how ? best regards, andre

    Read the article

  • Firewall is blocking internet traffic to OpenVPN clients

    - by user268905
    I have a virtual network setup with a Linux router/firewall connected to two private networks. An OpenVPN server in routing mode and a web server are in one of the networks. On the other are linux client machines which access the webserver and the Internet through the OpenVPN server. Also, external clients can access the OpenVPN from the Internet. The OpenVPN's server.conf is setup to use routing mode in udp, push DNS and routes to the network it is in so clients can access the webserver. Here are my very strict firewall rules. After connecting to the OpenVPN server, my clients can not access the Internet or the web server. When I allow FORWARD traffic to go through, it works just fine. The OpenVPN server has full internet connectivity. What firewall rule do I need to add to allow internet traffic to reach my clients?

    Read the article

  • OpenVPN and Squid Setup troubleshooting

    - by Adam
    I am trying to setup squid to tunnel via openvpn so that I can just enter an Ip and port in my browser settings and use it as a US proxy. My server is a OpenVZ VM. Running into some issues: I setup openvpn using : http://safesrv.net/install-openvpn-on-centos/ as part of that guide I also ran: iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source Installed squid using this guide: http://www.server-world.info/en/note?os=CentOS_6&p=squid from that guide changed acl lan src 10.0.0.0/24 to acl lan src 10.8.0.0/24 Next, I went to my browser proxy settings and put - 10.8.0.1 in the HTTP field. Put the port I had setup in the squid config file and tried to load a page. Nothing connecting. Any help? What am I doing wrong?

    Read the article

  • Should I create a second WAN Interface for a new SSLVPN setup on my Sonicwall 2400?

    - by TheSuperman
    Sonic Wall 2400 I'm setting up a new SSLVPN on our Sonicwall, very new to this. I currently have an exchange server as well, so mail.company.com is directed to our mail server. I'd like to setup a clean link for my low end users, remote.company.com to be for the SSLVPN, but I'm not sure how to do this within the Sonicwall? I setup SSLVPN on port 443. Only 1 WAN setup, on the X1 Interface. We have an A record setup with the same static IP used on the WAN Interface, and is configured for mail.company.com. Should I use a new static IP from our block of usable IP's to create the new Remote.Company.com? If so, I have no idea where to start on this on the Sonicwall? Any suggestions?

    Read the article

  • Need help configuring NAT

    - by QuinnFTW
    First of all, the router I am using is a Cisco WRVS4400N. My company runs a software which handles the MySQL database of all of their products. The software now has an e-commerce module, so I have to set up a secure tunnel from our network to the server that will be hosting our e-commerce site so that when the database is updated, the site will also be updated. The technician completeing the job said there is an IP conflict, and has asked me to NAT 192.168.0.0/24 to 192.168.115.0/24. I am not really sure how to do this, and they want to charge $150 an hour to do it for me. Can anyone help?

    Read the article

< Previous Page | 48 49 50 51 52 53 54 55 56 57 58 59  | Next Page >