setup VPN server

setup VPN server

Post by dkui » Tue, 28 Nov 2000 04:00:00



Hi,

Here is the scenario which I have questions about.  I have set up a Linux
box to do VPN masquerading from our office to another.  I can establish a
VPN connection from our office to their server and perform all the necessary
tasks, no problem.

*changed ip's below*

We would like for them to be able to connect to our server also.  The server
is a WinNT 4 server located at 192.168.1.1 and my Linux firewall is at
192.168.1.66 and has an external ip of 200.200.200.200.  What do I have to
do at this end to permit the other office to establish a VPN connection to
our NT server through the firewall?

TIA,

dk

 
 
 

setup VPN server

Post by Cowles, Stev » Tue, 28 Nov 2000 04:00:00



Quote:> Hi,

> Here is the scenario which I have questions about.  I have set up a Linux
> box to do VPN masquerading from our office to another.  I can establish a
> VPN connection from our office to their server and perform all the
necessary
> tasks, no problem.

> *changed ip's below*

> We would like for them to be able to connect to our server also.  The
server
> is a WinNT 4 server located at 192.168.1.1 and my Linux firewall is at
> 192.168.1.66 and has an external ip of 200.200.200.200.  What do I have to
> do at this end to permit the other office to establish a VPN connection to
> our NT server through the firewall?

> TIA,

> dk

Sounds like your requirements are geared towards a LAN to LAN tunnel, not a
Host to LAN. I have setup many of my customers with LAN to LAN tunnels using
IPSEC from the firewalls at each end.

Checkout: http://jixen.tripod.com/#Subnet-to-Subnet

There are many other examples that might fit your design requirements
besides what is shown above.

Steve Cowles

 
 
 

setup VPN server

Post by NorbertSchmid » Wed, 29 Nov 2000 04:00:00


You could go and forward the interesting ports to the NT machine.
Your problem is that the privat IP's you are using are not routable on
the internet. If you are using a VPN which is tunneling your subnet
through the internet, you will only need to put some routing information
into the /etc/route.conf which points through the VPN device. The tunnel
will then take the data through the internet to the remote LAN.
Which VPN protocol are you using???

Greetings Norbert


> Hi,

> Here is the scenario which I have questions about.  I have set up a Linux
> box to do VPN masquerading from our office to another.  I can establish a
> VPN connection from our office to their server and perform all the necessary
> tasks, no problem.

> *changed ip's below*

> We would like for them to be able to connect to our server also.  The server
> is a WinNT 4 server located at 192.168.1.1 and my Linux firewall is at
> 192.168.1.66 and has an external ip of 200.200.200.200.  What do I have to
> do at this end to permit the other office to establish a VPN connection to
> our NT server through the firewall?

> TIA,

> dk

--
Norbert Schmidt
Optische und elektronische Geraete Juelich
Rheingasse 8-10
53113 Bonn
Germany

Tel: +49 228 9838625
Fax: +49 228 631339

 
 
 

setup VPN server

Post by dkui » Wed, 29 Nov 2000 04:00:00


I am, unfortunately, somewhat forced to use PPTP.  I am not sure I
understand exactly what you mean here though.  Perhaps you could elaborate?

Thanks, Darren


> You could go and forward the interesting ports to the NT machine.
> Your problem is that the privat IP's you are using are not routable on
> the internet. If you are using a VPN which is tunneling your subnet
> through the internet, you will only need to put some routing information
> into the /etc/route.conf which points through the VPN device. The tunnel
> will then take the data through the internet to the remote LAN.
> Which VPN protocol are you using???

> Greetings Norbert


> > Hi,

> > Here is the scenario which I have questions about.  I have set up a
Linux
> > box to do VPN masquerading from our office to another.  I can establish
a
> > VPN connection from our office to their server and perform all the
necessary
> > tasks, no problem.

> > *changed ip's below*

> > We would like for them to be able to connect to our server also.  The
server
> > is a WinNT 4 server located at 192.168.1.1 and my Linux firewall is at
> > 192.168.1.66 and has an external ip of 200.200.200.200.  What do I have
to
> > do at this end to permit the other office to establish a VPN connection
to
> > our NT server through the firewall?

> > TIA,

> > dk

> --
> Norbert Schmidt
> Optische und elektronische Geraete Juelich
> Rheingasse 8-10
> 53113 Bonn
> Germany

> Tel: +49 228 9838625
> Fax: +49 228 631339

 
 
 

setup VPN server

Post by dkui » Wed, 29 Nov 2000 04:00:00


I notice that all these examples involve IPsec and I am using PPTP for
various reasons which do not allow me to switch.  Can I follow the same
procedure using PPTP?

Darren




> > Hi,

> > Here is the scenario which I have questions about.  I have set up a
Linux
> > box to do VPN masquerading from our office to another.  I can establish
a
> > VPN connection from our office to their server and perform all the
> necessary
> > tasks, no problem.

> > *changed ip's below*

> > We would like for them to be able to connect to our server also.  The
> server
> > is a WinNT 4 server located at 192.168.1.1 and my Linux firewall is at
> > 192.168.1.66 and has an external ip of 200.200.200.200.  What do I have
to
> > do at this end to permit the other office to establish a VPN connection
to
> > our NT server through the firewall?

> > TIA,

> > dk

> Sounds like your requirements are geared towards a LAN to LAN tunnel, not
a
> Host to LAN. I have setup many of my customers with LAN to LAN tunnels
using
> IPSEC from the firewalls at each end.

> Checkout: http://jixen.tripod.com/#Subnet-to-Subnet

> There are many other examples that might fit your design requirements
> besides what is shown above.

> Steve Cowles