Ip Masquerading/vpn
ahpama 2001-11-06, 10:59 am
quote: Originally posted by ccieToBe
Welcome to the open source world 
What version of Linux are you using (as in what vendor, vendor's version, kernel version). This will affect what you use for IP masquerading and how you install the software.
As far as the VPN goes, it all depends on what protocol(s) you want to use (IPSec, SSH, PPTP...). If I just lost you, read up on VPNs. It'll save you a lot of frustration.
I am using RH 7.2. I will be using PPTP as my protocol.
Just like to ask how to install IP Masquerading software.
Thanks.
ccieToBe 2001-11-06, 1:14 pm
quote: Originally posted by ahpama
I am using RH 7.2. I will be using PPTP as my protocol.
Just like to ask how to install IP Masquerading software.
Thanks.
To set up NAT (IP Masquerading=NAT) take a look at this link. RedHat 7.2 uses a 2.4.x kernel. I think by default RedHat 7.2 has all the software you need for this installed, so it should just be a matter of configuring it.
http://linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html
The only Linux PPTP server that I know of is PopTop. When you install this, make sure the encryption settings are correct. When I set up mpd-netgraph (a PPTP server for FreeBSD) on a VPN server a few months ago, the encryption settings were very weak by default.
http://poptop.lineo.com/
ahpama 2001-11-06, 2:21 pm
quote: Originally posted by ccieToBe
To set up NAT (IP Masquerading=NAT) take a look at this link. RedHat 7.2 uses a 2.4.x kernel. I think by default RedHat 7.2 has all the software you need for this installed, so it should just be a matter of configuring it.
http://linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html
The only Linux PPTP server that I know of is PopTop. When you install this, make sure the encryption settings are correct. When I set up mpd-netgraph (a PPTP server for FreeBSD) on a VPN server a few months ago, the encryption settings were very weak by default.
http://poptop.lineo.com/
Hi, thanks again. But I am a bit confused about IP Masquerading with our requirements. My project would be like this. I will create a PPTP server wherein our clients remotely will be using dial-up and then will be using VPN to connect to our network. My company doesn't want to give private IPs to our clients once connected; instead a public IP is given, because most of our clients want to have their own public IP. Can I just set up the Linux box in this way? I guess if this is the case I will no longer need IP masquerading, right?
Thanks again.
ahpama
ccieToBe 2001-11-06, 3:15 pm
quote: Originally posted by ahpama
Hi, thanks again. But I am a bit confused about IP Masquerading with our requirements. My project would be like this. I will create a PPTP server wherein our clients remotely will be using dial-up and then will be using VPN to connect to our network. My company doesn't want to give private IPs to our clients once connected; instead a public IP is given, because most of our clients want to have their own public IP. Can I just set up the Linux box in this way? I guess if this is the case I will no longer need IP masquerading, right?
Thanks again.
ahpama
If you were to set up a VPN using all internal or all external addresses (this includes all VPN clients and everything that they connect to through the VPN) then there would be no need for NAT. If you plan on mixing them (i.e. VPN users get external addresses and some of the servers use internal addresses) then some form of NAT is needed, most likely with static port forwarding.
Btw, why do your clients want public IPs? Using them creates some security issues.
ahpama 2001-11-06, 3:32 pm
quote: Originally posted by ccieToBe
If you were to set up a VPN using all internal or all external addresses (this includes all VPN clients and everything that they connect to through the VPN) then there would be no need for NAT. If you plan on mixing them (i.e. VPN users get external addresses and some of the servers use internal addresses) then some form of NAT is needed, most likely with static port forwarding.
Btw, why do your clients want public IPs? Using them creates some security issues.
Yeah, we know that. By the way, we provide fast internet access using a satellite card, and each card has one public IP. We have clients that are not being allowed by their ISP to use our public IP address pool. And the only way we think is using IP tunneling/VPN to let our clients get connected to our network. My company doesn't want to give private IPs to our clients once connected; instead a public IP is given, because most of our clients want to have a public IP, and if I am the owner of our company I will just use private IPs instead. I don't know if they also include the price of a public IP on their billing.
Can I just set up Linux as a PPTP server alone?
Cheers!!!
ccieToBe 2001-11-06, 6:09 pm
quote: Originally posted by ahpama
Yeah, we know that. By the way, we provide fast internet access using a satellite card, and each card has one public IP. We have clients that are not being allowed by their ISP to use our public IP address pool. And the only way we think is using IP tunneling/VPN to let our clients get connected to our network. My company doesn't want to give private IPs to our clients once connected; instead a public IP is given, because most of our clients want to have a public IP, and if I am the owner of our company I will just use private IPs instead. I don't know if they also include the price of a public IP on their billing.
Can I just set up Linux as a PPTP server alone?
Cheers!!!
Sounds like a fun place to work at. I've always been fascinated by wireless communications, especially with satellites.
Being an ISP it seems like all the servers that clients connect to would be externally addressable. Since that's the case you can just run a PPTP server by itself. PopTop's the only Linux PPTP server that I've heard anything about, but you may be able to find others on freshmeat.net.
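
The setup the thread ends on (a PPTP server on its own, clients on public addresses, no NAT), as an added example that is not part of the original posts: a shell function that prints an `iptables-restore` ruleset admitting only PPTP control (TCP 1723) and its GRE tunnel (IP protocol 47), with forwarding limited to the client pool. The interface `eth0`, the `ppp+` interface wildcard and the pool 203.0.113.0/24 are assumptions, and IP forwarding must already be enabled.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: WAN interface eth0,
# client pool 203.0.113.0/24 (a documentation range used as a stand-in).
# Typical use: pptp_ruleset eth0 203.0.113.0/24 | iptables-restore

pptp_ruleset() {
    [ $# -eq 2 ] || { echo "usage: pptp_ruleset WAN_IF CLIENT_POOL" >&2; return 1; }
    wan_if=$1   # interface facing the Internet
    pool=$2     # public range handed to PPTP clients, CIDR form

    # A private (RFC 1918) pool is the "mixed" case from the thread: it needs
    # NAT to reach public hosts, which this no-NAT ruleset does not cover.
    case $pool in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*)
            echo "pool $pool is private; NAT would be required" >&2
            return 2 ;;
    esac

    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# PPTP control channel and the GRE tunnel that carries the PPP frames
-A INPUT -i $wan_if -p tcp --dport 1723 -j ACCEPT
-A INPUT -i $wan_if -p gre -j ACCEPT
# Tunnel clients may only send from their assigned pool (anti-spoofing)
-A FORWARD -i ppp+ -s $pool -j ACCEPT
# Towards clients: replies only; new inbound connections are dropped
-A FORWARD -o ppp+ -d $pool -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the assumed values when the file is run directly.
pptp_ruleset eth0 203.0.113.0/24
```

Because the clients hold public addresses, any service a client wants reachable from outside needs its own explicit FORWARD rule; the ruleset above admits only reply traffic towards the pool.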