Hi folks,

Joined forum long time ago but this this the first time I'm starting up a thread here. I'm a newbie so feel free to correct and suggest your ideas if any. I happy to try new things.

Let me describe my requirement: I would like to build up a Linux box with two NICs eth0 and eth1. Eth0 connected to subnet 192.168.1.0/24 and the Linux box will have internet connection via my home gateway. eth1 have subnet 192.168.2.0/24. This subnet will have dhcpd installed on linux box and provide IP addresses for client connected to this VLAN.

I have another VPN server over public internet, let's say VPN gateway is 65.66.67.68 running PPTP protocol. I want my Linux box connected to this VPN gateway (with my credentials) and got VPN client acquired address like 10.11.12.13.

After my Linux box connected to VPN, I want my Linux box sharing this VPN connection via overloaded NAT (PAT). It's mean that from server perspective, my VPN server only see and only accept connections from 10.11.12.13. Server have no awareness about 192.168.2.0/24 and client have no awareness of VPN server.

For the OS I'm using CentOS but I'm open for suggestion. DHCP handled by dhcpd, NAT provided by iptables i believe. Any other packages are required? If you have some brief instructions that would be great.

Thank you all.

Hello,
I`ve maked a similar connectiont on 3 buildings, in 3 cityes.
Well, I can tell you what I`ve done, maybe this could help you to make a idea for a bit simplyer network infrastructure.
I had:
Server1: The Master server (S1) - City A
Server2: The Second server (S2) - City B
Server3: The Third server (S3) - City C
I`ve maked a PPTP Server on S1 - what haves 300Mbits bandwidth on internet, started the server.
S2 - connects to PPTP on S1 - bandwidth 100Mbits
S3 - connects to PPTP on S1 - bandwidth 100Mbits
What I`ve done, I`ve routed S2 and S3, to use the bandwidth connection from S1, so S2 and S3 would be less vulnerable to internet. I`ve restricted internet connections on S2 and S3 to accept connections only from S1, like SSH, etc.
Because I connect remotely on S1, and I`m not on the location to connect on server, I have a VPS at a company and I turn on the server via WEB, only when I need acces on the S1, because S1 accepts SSH connections only from the VPS. Same thing on other servers that I administer.
S2 and S3 haves DHCP Servers, with about 1000 PCs on LAN every server.

Well, you can modify all those from you`re imagination as you like. Feel free to ask more quastions.