Re: VPN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Unfotunately i have to solve this based on software 
i need to isolate each company to protect their info from others 
i have 3 companies
and last one thing i need to see each company's traffic statics for long time periods. and i need to be able to limit their traffics
that is all ,
but as i see on open vpn i could not group users.i have a cisco router which i could see the traffic of my servers external  ip addresses so i decide to see them from there via giving each company one external ip to connect to internet .
but i could not decide yet how to do it :) 
is there any body have an advice for me ?

2010/4/10 John R Pierce <pierce@xxxxxxxxxxxx>
cahit Eyigünlü wrote:
> is there any possibility to do this on cent os
>
> for example company one will be in the block of 10.0.0.0.1-10.0.0.255
> and routed to the one of my external ip
> company two will be in the block of 11.0.0.0.1-11.0.0.255 and routed
> to the one of my external ip
>

I am not sure what you mean by 'routed to one of your external ip
addresses'.

so, you are at a third site, and want a tunnel to both companies networks?

btw, I know those are just example addresses, but 11.x.x.x is not a
reserved network   instead, that should be 10.1.0.xxx or something.

> i just need an advice is this better on windows vpn or llinux vpn
> server do you advice me any server software like open vpn or sth. else

assuming its a routing that makes logical sense, it should be easy to
implement with OpenVPN.  you'd need a firewall running openvpn at each
of those companies then your end could inititate the connections to each
of them.  I'm not sure why you'd have to use two internet addresses at
your end, rather, you'd just have an net like 10.2.0.xxx and the VPN
tunnels would route between those networks.   I'm assuming company 1 and
company 2 don't want any direct routing between them, so you'd have to
make sure you're not providing that route (eg, 10.0.0.xxx should not
have a route to 10.1.0.xxx or visa versa)


as far as 'better'?  better is what you or the people who will be
administrating this is most familar with.   often, easiest is to use VPN
appliance routers, like watchguards, or netscreens as the firewalls at
all these sites.





_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux