CentOS 5 Networking :: Setup Public Accessible VPN On The Internet?
Jul 8, 2011
I am running CentOS release 5.6 (Final) and have successfully installed PPTPD and this works great internally.
I want to access my Linux box remotely on the internet via my VPN tunnel. However, I am not sure what I need to do on the Linux box to make this happen. My Linux box is multihomed as follows:
PSTN WWW <===========> ADSL Router Firewall <----------------> [eth1 192.168.x.x] Linux Box [eth0 172.16.x.x] <-----> to LAN
The desired topology is as shown.
VPN Client <------> Home ADSL Router <======= PSTN WWW =======> ADSL Router <------> eth1 Linux Box
1. The VPN is set up and bound to eth1 and eth0 and works well internally
2. IPSec, GRE and PPTP rules have been declared on the router which port map to eth1
However, I am still unable to set up a VPN connection to the Linux box. I suspect something hasn't been done or I have set up my NATing or IPTables correctly on the Linux box.
I will try to explain a bit first about my network topology: I have one CentOS 5.5 machine with 2 NICs - an external one, 86.x.x.122, and an internal one with 2 IPs: 192.168.1.1 and 89.x.x.121. The idea is that I have a public subnet (86.x.x.120/29) of IPs which are routable only through 86.x.x.122, so I have a webserver hosted on a different machine with the IP of 89.x.x.122 and GW 89.x.x.121 - everything works perfectly fine, except that I cannot access from the internal network 192.168.1.0/24 the so-called DMZ (roughly) - the 89.x.x.122.
What really makes me crazy is that I set up the IPtables rules correctly because I can access the webserver from the outside world but I cannot access it from the internal network...
What am I missing - why can't the 192.168.1.0/24 see the 89.x.x.122 machine... What IPtables rules should I add?
I'm a new user of Ubuntu. I requested the Ubuntu 9.10 CD online and got it in around 3 weeks. I've chosen the 'Install over windows' option for my use right now. The version of Windows being 'Windows 7'. The problem is that I'm unable to connect to the internet. I'm using a LAN cord to connect to my modem. The 'Network Manager' that the user manual talks about is not to be found yet. When I click on the 'Network' icon on the top right portion of the panel, it shows that 'autoeth0' is connected, but when I open Firefox and try to open any website, 'Server not found' comes up in the Firefox window. Thus I'm not able to surf the web.
After years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
Our local community wants to provide broadband access for people who don't own a computer. I have been given the task of setting this up and I am going to use Ubuntu. Internet access will be via a usb dongle to a T-Mobile 3.5g network. Initially we are intending to limit access to just Internet browsing. Most users will probably be older people, rather than teenage hackers. configuring/securing a default Ubuntu install for this sort of use.
I'm using a virtual network (NAT network) for my domU. When I change dom0's firewall setup, the domU will fail to connect to the Internet anymore. So far, the only way to bring the network back is to reboot dom0! I tried to restart service network and libvirtd on dom0... it doesn't work. How can I bring the domU network back without rebooting dom0?
After a recent update and reboot, I can no longer access the internet. Typing google.com in firefox or elinks results in firefox/links complaining about the server not found. However, I can find the server by using dig on the command line. I have checked the DNS configuration in resolve.conf and it is exactly the same as on a RHEL 5 system that connects fine. The strange thing is, I can connect to other local machines in my domain just fine but cannot connect to any other machine on the internet on this one Fedora 12 host even though I can on all other machines!
We have a new Business DSL line with 16 public addresses. What we want is to set up a DMZ to run some services and internet to the LAN. Here's a schematic of what we want:
Code:
Backup Internet      Main Internet
  connection          connection
      |                   |
      |                   |
  SDSL Modem          BDSL Modem
I have Linux installed on one machine with samba running and a second machine running XP. They are going through my router and I am using the same username/passwords for both machines, and I have even gone to the point of allowing access to everyone for the share I created, and the workgroup in samba is MSHOME just like my XP machine. When I view (or search) my workgroup computers my Linux machine shows up and so do the shares I created, but when I try to open them I just get a message that permission is denied and I may not have permission to use this resource. I even tried setting access to the shared folder to 777 but still I can't open this share. Has anyone got any idea of why this is?
Is there any way to set up the CentOS Directory Server without an internet connection? I tried using the command: yum install centos-ds
but this just tries to connect to the internet to download the packages. Is there a site where I can find the package so that I can copy it to my server and install it, or is there some other way to do this?
I'm trying to give some Windows users a permanent connection to a samba share behind a firewall over the public Internet. I know I can give them access with something like WinSCP (which they have done) but really I'd like to do it with a VPN so it seems seamless to the user. However, I have no idea how to set up the server to support this and am finding the documentation a bit confusing. The samba share is on a Debian box and the firewall is a Linksys WRT54GL.
I've searched the forums (250 thread limit) for a fix on this, but all the questions seem unanswered or unrelated. My situation is this: I'm running Ubuntu x64 10.10 'Maverick'. I have a cablemodem connection for my Internet access. I have home network running on DD-WRT with the dreadful Linksys WRT54G series router.
My DD-WRT router is 192.168.1.1, subnet 255.255.255.0. My Linux box is 192.168.1.61, subnet 255.255.255.0.
I have a VyprVPN connection set up successfully on Linux. Mostly everything works great, speed's fine, latency is what I expect it to be. Except... I also run an SSH server to remotely admin the box at port 22, an Apache server running over SSL at port 7001, and a Transmission web client at port 7002 (only secured by basic HTTP realms auth). All of these things worked before I got the VPN working, I'm of course using NAT at the DD-WRT router.
The end result I am looking for is to have the security and protection of the VPN (even if it's only perceived) for everything I do on this machine -- EXCEPT on Apache, the Transmission web panel, and the SSH server, which I want to access from the outside world. I have no firewalls running or configured, not even iptables, not even the SPI firewall on DD-WRT. All connections to the aforementioned services from the outside world time out coming in to the Linux box. They all work from inside my home network (182.168.1.0/24). In case it's needed, here's my routing:
I have installed CentOS 5.3 on VMware. Then I installed Apache, PHP and MySQL with the following commands:
yum install httpd
yum install php
yum install mysql
yum install mysql-server
yum install mysql-devel
yum install php-mysql
Then I tested my web server, database server and PHP by creating a PHP page that works with MySQL; this test was successful. Next I pinged my machine IP (192.168.6.131) and then pinged the Windows XP machine. I even pinged my Linux machine from Windows XP. But when I check the PHP page or localhost on the Linux machine with a browser (IE or FF in XP), the response is (IE:) Cannot display the webpage or (FF:) The connection was reset.
I setup a server last night and was able to remotely connect to it and access the internet with it. However, now that I have setup /etc/network/interfaces so that the server will have a static IP address, I cannot access the server remotely. Also, from the server itself, I cannot access the internet. Ping provides "unkown host" for any website I try. How do I fix this?! I don't know why this is happening.
Here is my interfaces file:
Code:
...
#The primary network interface
allow-hotplug eth0 # also tried with and without auto eth0
# auto eth0
iface eth0 inet static
address 192.168.133
netmask 225.225.225.0
gateway 192.168.1.1
This is the only NIC on the server.
Here is ifconfig:
Code:
eth0 Link encap:Ethernet HWaddr xx:xx:xx:xx:xx:xx
inet addr: 192.168.1.133 Bcast:192.168.1.225 Mask:225.225.225.0
UP BROACAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txpueuelen:1000
RX bytes:0 (0.0 B) TX bytes: 0 (0.0 B)
Interupt: 29
Attempting to leave the world of Windows, but apparently I am not understanding some basic Linux concepts. I am thinking that I want to create a public profile to store music and video in, or are the music and video folders in each user already shared to all other users of my system? Not asking for networking this to other computers yet, just the best way to ensure all users can access the same info.
I set up a mail server today. Everything works except I can't access the damn squirrelmail web interface from the internet.
I followed this guide here: [URL]
I can access http://192.168.0.50/squirrelmail just fine from a computer on my local network.
*BUT*
When I access http://mywanip/squirrelmail, I get a connection timeout.
When I access http://mywanip, I get the standard Apache "IT WORKS!" Page. (Rules out port forwarding)
According to the guide, that should allow me to access squirrelmail from the internet on my server. It's as if Squirrelmail is only available on my local interface and not on my WAN interface? How do I check?
On my computer, I have an Apache server, configured at port 80, running. In the local network, the web page is accessible by my local IP (192...). However, when I want to get to the page from the internet, I don't know the right IP address, since the router's one should be local, and also, the router has its own web page running at port 80. So I guessed that my server IP would be the modem's one, which I don't know. Sometime in the past, I figured out the address of the modem too, but it has its own application running. Also, the router supports port forwarding (which I guess is needed), but I don't know how to get using to it. What address from the internet should I have? How should I determine it?
How would I set up my Fedora 12 box to connect to the internet using Android SDK's adb forward tcp:8080 tcp:8080 while my phone is plugged in via USB? I'm able to set it up for Firefox. But how do I set it so I can access the repos? I'm using my phone for an internet connection (not WIFI); the app is called proxoid
I just finished downloading the latest version of Xubuntu on my Dell Inspiron 1545. I went to set up the internet and I cannot figure out how. In the top right corner the connection icon has only one option that I can select, and that's configure the VPN settings, I think. I installed it using dual booting next to Windows 7, so I keep switching back and forth trying to look something up and go back to see if it will work. However, I think I should make the point that I've never worked with any Linux-type o.s. before.
I newly installed Ubuntu 9, but I am not able to set up the internet dialer. I am not using a cable modem. The LAN cable from my ISP's switch is directly connected to my PC's ethernet card. In Windows XP one dialer is created using Rasppoe. In Ubuntu I tried it using the pppoeconf command but it is not able to set up the connection.
I installed OpenSSH via tasksel and am using Webmin for administration. I'd like to be able to SSH externally and want to setup the necessary public/private keys to use in FileZilla. In Webmin, under Servers > SSH Server I can click 'Host Keys' and see an RSA key. Is this the public or private key for my server? Do I need to copy this into a text file to import it into FileZilla on my remote PC (that I want to connect from)? Is that all that needs to be done (aside from opening the port on my router/firewall)? Or, is there an automated way to set this up via Webmin?
Running Ubuntu 9.10, I've just got my wireless connection working after first having got the wired eth0 connection working.
With the wired connection I could SSH into my server through my firewall/router (via a forward). I can run up VNC, from there firefox, browse the web - all is well.
I have now set up the wireless connection, using a static IP, and I can likewise SSH into my server. I can run up VNC. I can ping my router. I can log onto it via VNC. I can browse to my router. But I can't browse the internet.
But I can't ping google.com. The reason is there is no host lookup service. Nslookup eventually says no servers could be reached.
So specifically, if I ping www.google.com I'm told "unknown host". If I do an NSlookup on it I get timeout, no servers could be reached. However if I ping 66.102.11.104 I get responses.
I see no relevant entries in my firewall log.
Unfortunately I can't traceroute because the package isn't found - and of course I can't install it because I have no internet!
Strangely (to me at least!) if I then tunnel through SSH and browse the web, I have no problems. It works? I know I am browsing through my SSH tunnel because whatsmyip gives the IP of my router at home, not where I've SSH'd in from. I can surf just fine.
why I can't do host lookups any more (and this did work with my wired connection, but whether it's related to my change to wireless, or static IPs or both I can't be sure - it certainly appeared to happen at the same time). And, more to the point, what I need to look for/do to rectify it?
As a bonus I'd be interested in why I can SSH and browse via tunnelling but not direct from my server (via VNC). Just for interest's sake!
ifconfig reports:
wlan0 Link encap:Ethernet HWaddr 00:90:4b:27:ae:17
inet addr:192.168.1.69 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::290:4bff:fe27:ae17/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
I have BIG troubles trying to set up a wired internet connection in Ubuntu! To be able to connect to the internet I have to enter my MAC address, 2 IPs, netmask and 2 DNS addresses. When I try to edit the default internet connection eth0 with my correct information, the minute I enter my MAC address and save the changes the network manager creates a new internet connection with wrong data and uses it instead! I can't select the correct internet connection from the top bar where the internet icon is, because it is just not there. The only connection that I can choose is the new default one with the wrong data! If I try to create a new separate internet connection with my correct data the same thing happens! The moment I enter my MAC address and save it, the internet connection disappears from the list of internet connections in the internet area in the top bar and I can't select it. I tried googling it, but with no luck. I think that if I set up my connection through the terminal everything will be ok
There are 2 networks that I would like to be part of
a) Through my wlan0 --> Internet DSL
and
b) Through my eth0 --> WUG - PTAWUG
I can only get one of the networks to work at a time. The wlan0 works fine when I start my PC, but when I want to access the WUG I need to do the following command:
With the above command, I can then access the WUG but not the internet through my wlan anymore. All data goes to my wlan as standard unless it's on the 172.16.0.0 network
I would like to set up a user account with no network access. Reason is that sometimes my little daughter plays with the computer (for example watching movies on DVDs) and I want to prevent internet access in case she plays unattended. Is there a simple way to do that? I am using Ubuntu 10.04.
Just installed Ubuntu 10.10 on a Compaq Presario X6000 laptop... installed it inside Windows 7 and now I'm having problems going to the internet (wired.. or wireless).
I have 1 root-server with 2 NICs, both having their own internet IP addresses:
Code:
eth0 = 8x.x.x.183
eth2 = 8x.x.x.205
We only have one gateway on that network:
Code:
gateway = 8x.x.x.1
We want to use eth2 for postfix + http, and eth0 for all the other stuff.
How can this be set up? With route / ip route / iptables?
I am on home internet access so it does not have a fixed IP. I would like to set my web server to be accessible from outside. So what do I do? First I must set my router to point access for port 80 to this machine. Then in the machine I open port 80, right? Then what software must I install, is it no-ip?