We are using Linux machine as a gateway server to connect our local network to wan. We use pptp vpn to connect our remote customers network, is it possible to connect VPN to the gateway and make local network to connect through it? So that there is no need to connect vpn in every local client.
View 3 RepliesI cannot connect to the windows gateway from red hat Linux which is installed on VMware workstation. I cannot ping to the gateway from Linux.
View 2 Replies View RelatedI have configured bonding on 64 bit centos 5.4 I have to put the machine to a different VLAN for that i did the Ip change and restated the network. but i cant ping the gateway or any other server in that network. the cofig files are as follows
vi /etc/modprobe.conf
alias eth0 bnx2
alias eth1 bnx2
alias scsi_hostadapter aacraid
alias scsi_hostadapter1 ata_piix
alias usb-controller ehci-hcd
alias usb-controller1 uhci-hcd
alias bond0 bonding
options bonding mode=1 miimon=100
[Code].....
I haven't worked with linux before, I am a network administrator, mostly working with cisco routers and windows 2003 server configured with ISA, I want to shift to linux, since its a free OS, offers more than windows 2003 server, and I have the time and resources to test it at my work place, I want to give it a try. Now ... this is what I want:
I want to use Linux OS (server or desktop editions) as Internet Gateway, I have less than 50 hosts (internet users) on my network, and I simply want to know what is the most convenient linuxs distro for me to work with as a beginner to install, configure and administrating a linux OS(working as an Internet Gateway).
Its a simple network, 50 users connected to a switch, the switch to a server (where I will run the linux OS), the server to a cisco router, the router to the internet line. (Any tips on what do I need to be able to configure firewall rules and user activity monitoring like I am used to do with ISA on windows server 2003).
I have one scenerio ,I want to use my Linux PC as residential gateway .I have only one NIC connected to my PC(I cannot connect more) to handle this problem I am using switch . All the devices including my PC are connected using switch (Please refer attached file). I am not sure how can I achieve this ? I am familiar with NAT and DHCP but do not know is this possible in this case?
View 11 Replies View RelatedOur firewall (debian) currently has 4 public ip addresses (eth0 1.2.3.4, eth0:0 1.2.3.5, eth0:1 1.2.3.8, eth0:2 1.2.3.9) and 3 internal subnets (eth1 10.1.x.x, eth1:0 10.2.x.x, eth2 10.7.x.x). We are experiencing the following two problems which I believe have the same root cause. 1) The firewall cannot access beyond the isp gateway (1.2.3.1). 2) From externally, we can ping eth0 with no trouble, however, pinging the eth0:0, eth0:1 and eth0:2 interfaces have results similar to the following:
Code:
PING 1.2.3.8 (1.2.3.8) 56(84) bytes of data.
64 bytes from 1.2.3.8: icmp_seq=2 ttl=57 time=59.0 ms
64 bytes from 1.2.3.8: icmp_seq=2 ttl=57 time=63.0 ms (DUP!)
64 bytes from 1.2.3.8: icmp_seq=13 ttl=57 time=59.3 ms
64 bytes from 1.2.3.8: icmp_seq=13 ttl=57 time=63.0 ms (DUP!)
64 bytes from 1.2.3.8: icmp_seq=24 ttl=57 time=62.0 ms
64 bytes from 1.2.3.8: icmp_seq=24 ttl=57 time=65.6 ms (DUP!)
I get the feeling that I'm missing something obvious, especially since all traffic on the internal subnets can access externally as normal.
Right now I cannot ping to my default gateway. The machine also has SuSE installed on a separate partition. Networking with the same parameters runs fine in that installation.
I use a troubleshooting checklist for situations like this:
- network troubleshooting checklist
- (case of wired connection with static ip)
- make sure net cable is well plugged in on both sides. CHKD.
- make sure ifconfig eth0 details the static IP you want set and that the iface is running (this stage is quite a head start if you've got to it. It would suggest that you have rc.inet1.conf set up properly. CHKD.
- HAL checked against eth0, and it also specifies eth0 for this interface.
- no problem pinging to 127.0.0.1
- type "route" and see if your default gateway comes up. SEMI-CHK: it does come up but takes a long while .. that's bad sign. It still means your rc.inet1.conf is OK, but here's something else up.
- check /etc/resolv.conf for your nameservers .. just in case some over-zealous program has decided to overwrite it. CHKD, all OK .. I use the google nameservers 8.8.8.8 and 4.4.8.8
Despite using what I thought were decent tools of the trade, if I unplug the cable they give the same output!
I've just installed fedora 10 on my Dell Inspiron 1525, and I can't connect to my wireless net. I know how to manually enter the SSID (and have no clue what a BSSID is), MAC address, and I know it's infastructure (well, it's not ad-hoc, so it must be).
The problem is, my router uses a 64-bit encryption protocol, and there's no '64-bit' key option under Wireless Security's dropdown. Is there any way around this, aside from either changing the encryption protocol, or plugging it in manually (neither of which are options)?
I have two computers. The first computer has windows xp in it and is a member of the local lan with ip address 192.168.11.21. The second is my laptop having ubuntu 8.10.Both these computers are connected to each other via the broadband router which assigns ips 192.168.1.3 to my laptop and 192.168.1.1 to my desktop. I am able to browse the lan of 192.168.11.x via the desktop and I want the same possible on my laptop whose only connection is through the router to the desktop. Is there any way I can do it?
View 1 Replies View RelatedI have been beating my head for the last few weeks on this problem, (although I have been taking the wrong approach, it seems).
I need a gateway to direct web traffic to three separate servers/domains. I have been trying to do this with both a dns server and , (seperatly), apache server to forward requests. The dns server was a no go, and <i can only get apache to redirect http and ftp.
After Googling this ALOT, I believe that what I need is a gateway server to redirect my traffic to the 3 different servers. I have been reading about using using nat and iptables for this and was wondering if anyone had any advice/suggestions on this. The other thought I had was to use something like pfSense to create the gateway, but I am still reading the documentation, and I am unsure if this approach will work.
On a remote system, when all you have is the ssh CLI -
How do you find out the ip addresses for:the Gateway
the DHCP server
the DNS server
Don't need to make any changes.
Which commands will display this info?
I want to configure an Internet Gateway with having proxy, firewall rule, bandwidth controller for an office containing 100 employee. can anyone suggest me which platform will be best and steps how can I implement it.
View 5 Replies View Relatedwe have a problem in accessing the site hosted on our web server from today.Till yesterday it worked fine. But when tried to access through domain name this morning it throws bad gateway error."The proxy server received an invalid response from an upstream server". this is the error i am getting.But it can be accessed fine using the ipaddress.All my dns entries are right.
View 2 Replies View RelatedI got 2 servers, each on different locations (server 1 and server 2). I want all traffic on server1 included web browsing, applications etc., be always going through server2, like a gateway. I want the traffic to be encrypted (maybe use VPN?) So if I browse, or any logs pick up ip adresses from applications used by server1, I want it to display the IP address from server2 (Might be the wrong way to say it).
I always wants server2 to act as an firewall and logserver that logs all the traffic. I was thinking about using Snort for IPS/IDS solutions and OpenVPN for the traffic, but what can I use as a firewall? Most firewalls I find on google has its own OS/Distribution. Maybe Squid for logs? But squid does not support much protocols. Distribution on both servers are updated Debian/Ubuntu based.
I just set up a linux server which is acting as an internet gateway. For specific reasons, clients first make a vpn connection trough the internet to the linux server.
CLIENT ---->Internet----->Linux VPN Server ------> Internet
On the linux server iptables is configured for NAT. The problem is that the internet speed becomes slower than expected. I used windows and RAAS and the speed was pretty good. The server has only 1 NIC(eth0) and an alias interface is added to eth0. The alias is eth:0 with ip address 192.168.0.253
iptables config is as follows:
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
iptables -A FORWARD -d 192.168.0.0/24 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to MY_VALID_IP
setup 2 gateway in my email server(opensuse).
now i wan to setup 2 internet lines for my email server, which mean that either one of the line is down, i still can receive mail from another line.
Example
Internet line 1 = ISP1
Internet line 2 = ISP2
my email server got 3 nic which...
eth0 = 192.168.1.2 (255.255.255.0) (from ISP1 GW 192.168.1.1)
eth1 = 192.168.2.2 (255.255.255.0) (from ISP2 GW 192.168..2.1)
eth2 = 168.168.1.2 (255.255.0.0) (connect to local LAN)
now existing GW set on the server is 192.168.1.1, mail receive and send through ISP1. now we wish to set somethings that once the ISP1 line is down, the server will auto switch to ISP2 gateway and continue send and receive mail without manually change of settings
I have set up qmailtoaster as a gateway for exchange.
my smtproutes contain this:
thedomain.com:mail.exchange.com
and my rcpthosts contain:
thedomain
The problem I am facing now is, the exchange was able to send mails through me alright. But when mails come in, qmailtoaster is suppose to forward the mails to the exchange server but it is not, rather the mails are sitting in the toaster's queue.
Basically I'm working as part time administrator in a company, and still am at college. To keep the story short, the company I work with used to have a linux gateway, namely Untangle. We tried to upgrade to E-Box, which is supposed to have more options than Untangle, but it doesn't seem to work as it should. What I'm trying to ask here is this. I need a gateway system that handles QoS, Content filtering, Mail Filtering, DNS, Wan failover / load balancing, LOGS (important), Firewall and maybe the handling of separate users or groups. The ideal solution would be one that like the E-box, has a central control system, without the need to adjust code in CLI for configuration. I have some experience on CentOS and Fedora, so I am able to do some configuration, like installing Samba, DHCP and VNC.
View 2 Replies View RelatedI can very well configure squid transparent proxy on gateway server.But i want the squid transparent proxy on non-gateway system as i already have hardware firewall installed.i.e i want to redirect all the traffic coming through my gateway (hardware firewall) 192.168.200.1 to my squid server 192.168.200.3 on port 3128.How it is possible? Without transparent proxy by directly giving proxy ip in browser i can access internet but how to do it in transparent mode?
View 8 Replies View RelatedCan any one suggest which versions and flavour of linux is best suitable for GATEWAY server or in which version and flavour of linux this gateway server is available, which is used for internet management with MAC locking.
View 7 Replies View RelatedI am implementing an automated backup scheme so I created a shell script which first creates SQL dumps for all MySQL databases, then retrieves all websites from the /var/www directory of a remote server. The latter is working as I am using rsync to get the remote files.However, the MySQL dumps being retrieved are the ones from the local server which is not what I want. I want to get the SQL dumps from the remote server as well.I have a tunnel between the local and remote server which I can connect to without using any password (I added the public key to the authorized_hosts), so I tried to add the following code to the script:
ssh user@192.168.x.xxx
I then attempted to retrieve the SQL dumps and exited from the remote server. However this does not work as I still have to enter exit manually in the terminal for the SQL dumps to be retrieved from the remote host. I don't know why this is happening. This is what the script is trying to do:
//connect to remote server
ssh user@192.168.x.xxx
//retrieve SQL dumps
[code]...
Is there a way to connect to the remote host AND run the script's code on THAT remote host?
I have been searching google for a while now and have not found exactly what I am looking for. I would like to use my fresh install of ubuntu server 11.04 as my router/gateway for my home. I am not an expert at linux by any means but I can usually figure stuff out. I believe I need iptables, bind, and a few others probally. It eventually will also be a samba server but I have done a little with samba before. I do have 2 network cards, my router at the moment is starting to die and would love to have a more powerful router. I would also like to figure out how to do port forwarding in the router, as well as be able to see the load on the network cards. Maybe there is a program to show usage by user? As well as be able to do packet pritorization.
View 4 Replies View RelatedI want to do is setup a gateway(or router, idk what Ubuntu refers to it as.). So my set up would be Modem>Server>Switch>Router. I know that I need to set up it up as a DHCP server as well. I would also like to setup it up as a firewall too. I already have two Gbit cards that are already configured. So how do I do this? I already tried one tutorial, but it was old and was for Debian. I also installed ebox, but I couldnt figure that out either.
View 2 Replies View RelatedI posted it on another forum, but could not get response,So I have this cenOS, Ubuntu and windows operating system running on virtual machines.Now I gave them manual ip address, both ubuntu and windows machines can ping the default gateway, but not the CentOS.It should forward 0.0.0.0. to my cisco router address(192.168.5.254),
View 4 Replies View RelatedI have installed dhcp-server on ubuntu. And server is providing ip address to clients (Window machines) but not default-gateway but I have another network in my network and same configuration and same dhcp-server provides every information.
View 5 Replies View RelatedSince I have a new internetaccount, 2 days ago, I have a problem on my server [Fedora Core 8]. I use it as a router.
eth0 is for the internet.
eth1 is for my LAN.
But since my new internetaccount my server uses eth1 for the internet. This is a line from my syslog:
Code:
NetworkManager: <info> Policy set 'System eth1' (eth1) as default for routing and DNS. I killed the NetworkManager daemon and now it works but this must not be the way to do it? Where do I tell my server that I use eth0 for routing and DNS?
I have setup an ubuntu gateway server by using four NIC cards.
eth0 :210.212.235.107 is connected to the internet
eth1 :192.168.1.222 is connected to the local network
eth2 :192.168.2.222 is connected to another network
Here 192.168.1.222 is the gateway for 192.168.1.0 network and 192.168.2.222 is the gateway for 192.168.2.0 network.These network configurations are working fine, but i want to block inter network communication ie from 192.168.1.0 network to 192.168.2.0 network,i want to block the communication for securing the local networks more.I know iptable rule is enough for this purpose .But i cant find the apt rule for this purpose.
setting up my ubuntu server I would also like to run ubuntu desktop for the GUI.
setting up the static ip address with a 2wire gateway from att.
What I need is some information to be studied and learned by me in order to be able to create with Ubuntu Server an Internet Gateway Server. From my ISP I get about 50 public routable IPs through DHCP. Into my LAN I need to forward this public routable IPs to machines but I want to be able to manage bandwidth and also to be able to enable or disable Internet access for every client machine. Maybe with subnets? Maybe with dchp really? It would be nice if it would possible through DHCP!
View 2 Replies View RelatedI am looking for some advice on how best to lock down our office network to keep our employee's from wasting time on sites like facebook and ...... This will be my first time setting up a server as a gateway in a production environment so I thought I should get some suggestions on what the best packages would be to do this.
I essentially need to lock down our network so that i can monitor what everyone is doing on the Internet and block it if needed. it doesn't have to be web based or have a bunch of gui's, im fine with command line, configs and log files, but it would be nice.
I'm interested in commercial products as well as long as they are linux based.