LinuxQuestions.org
Old 08-14-2009, 09:06 AM   #1
scheidel21
Senior Member
 
Registered: Feb 2003
Location: CT
Distribution: Debian 6+, CentOS 5+
Posts: 1,323

Would like to forward requests received on Server in one subnet to server on another


Hi all, I have been looking for a solution to this since I implemented our new OpenVPN server at the office. We had been using MS PPTP running from a RAS box, but for efficiency, security, and because the RAS PPTP software stopped working, we quickly switched to OpenVPN. That said, we had implemented OpenVPN for one user to a special subnet; however, there is no public access via WAN to this server, for security purposes and because we don't have an IP address to serve it on, but more because of security; so he would connect to the network by connecting to the PPTP VPN, then to the OpenVPN VPN on the other network. This worked because PPTP proxied all network traffic. With the new setup, though, our main VPN is on a network that is 192.168.100.x and the other VPN is on 192.168.168.x. Our internal router knows how to route to this 192.168.168.x network, but his Windows PC isn't going to when out of the office connected by VPN; it is not going to see a route to this secondary network and will try to use its default WAN gateway. Now both OpenVPNs are bridged VPNs for multiple reasons. So I think I see two solutions to this issue.

1) Push a route to the clients saying that the 192.168.168.x network gateway is 192.168.100.1. Not sure if this works in bridged mode, or how well it will work; plus, can you run two OpenVPN sessions at once where one needs to be tunneled over an existing VPN session? This also adds overhead.

2) Have the current main VPN server listen for requests on the port the other VPN is set up on and then have it forwarded, by proxy more or less, to the second internal server, because the gateway on the server machine's network does know how to get to this other internal network.

Details about the setup: we are running a firewall/gateway that does one-to-one WAN IP translation to internal private IPs, i.e. WAN interface 12.22.43.65 maps to internal 192.168.100.5; anything coming in on that WAN IP gets directed to the internal IP address that is mapped. So we have an external IP that maps to our main VPN server. There is no port forwarding, so I cannot redirect to the other server on that mapped IP address. So is there any way to do this?
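
Both options from the question above, sketched as an added example that is not part of the original thread or any poster's configuration: the OpenVPN `push` directive for option 1 and a narrowly scoped iptables relay on the main VPN server for option 2. The /24 mask, the second server's address 192.168.168.10 and its port 1195/udp are assumptions chosen for illustration; 192.168.100.5 is the example mapping given in the post.

```bash
#!/usr/bin/env bash
# Added example. Values marked ASSUMED are not in the thread.
NET2="192.168.168.0"        # second subnet (192.168.168.x in the post)
MASK2="255.255.255.0"       # ASSUMED: /24 netmask
NET2_CIDR="${NET2}/24"      # ASSUMED: same /24 in CIDR form
GW="192.168.100.1"          # gateway named in option 1
MAIN_IP="192.168.100.5"     # main VPN server (example 1:1 NAT mapping in the post)
VPN2_IP="192.168.168.10"    # ASSUMED: placeholder for the second OpenVPN server
VPN2_PORT="1195"            # ASSUMED: port of the second VPN
VPN2_PROTO="udp"            # ASSUMED: transport of the second VPN

# Option 1: line for the main OpenVPN server's config. Clients then send
# 192.168.168.x traffic into the tunnel instead of to their WAN gateway.
push_route_directive() {
  printf 'push "route %s %s %s"\n' "$NET2" "$MASK2" "$GW"
}

# Option 2: relay exactly one port to the second VPN server.
# DNAT rewrites the destination; MASQUERADE makes replies return via this
# host; the FORWARD rules allow that single flow and drop anything else
# routed through this host toward the second subnet.
forward_rules() {
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -d ${MAIN_IP} -p ${VPN2_PROTO} --dport ${VPN2_PORT} -j DNAT --to-destination ${VPN2_IP}:${VPN2_PORT}
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p ${VPN2_PROTO} -d ${VPN2_IP} --dport ${VPN2_PORT} -j ACCEPT
iptables -A FORWARD -d ${NET2_CIDR} -j DROP
iptables -t nat -A POSTROUTING -p ${VPN2_PROTO} -d ${VPN2_IP} --dport ${VPN2_PORT} -j MASQUERADE
EOF
}

# Dry run by default: print the directive and the rules for review.
# Set APPLY=1 and run as root to execute the option 2 rules.
if [ "${APPLY:-0}" = "1" ]; then
  forward_rules | sh -x
else
  push_route_directive
  forward_rules
fi
```

With option 2 the second VPN's port becomes reachable on the public IP mapped to the main server, so access to the special subnet then rests on that VPN's own authentication. Keep the relay limited to the single protocol, port and destination shown.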
 
Old 08-14-2009, 10:19 AM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

hi scheidel21,

Not sure if this suits your situation, but how about putting in a bounce box, i.e.

User connects over vpn1 to bounce box (rdp, ssh, nx, etc.), then connects over vpn2 to final destination

Possible?


cheers
 
Old 08-14-2009, 10:58 AM   #3
scheidel21
Senior Member
 
Registered: Feb 2003
Location: CT
Distribution: Debian 6+, CentOS 5+
Posts: 1,323

Original Poster
That's what option one is, but can I start two openvpn with one that requires session one be open first?
 
Old 08-16-2009, 09:20 AM   #4
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

Hi scheidel21,

Sorry, I'm not sure whether you can do that with OpenVPN. Please let us know, though, if you do get it to work.

cheers
 
  



Tags
bridged, ip, nat, openvpn, proxy, redirect, routing

