Unfotunately i have to solve this based on software i need to isolate each company to protect their info from others i have 3 companies and last one thing i need to see each company's traffic statics for long time periods. and i need to be able to limit their traffics that is all , but as i see on open vpn i could not group users.i have a cisco router which i could see the traffic of my servers external ip addresses so i decide to see them from there via giving each company one external ip to connect to internet . but i could not decide yet how to do it :) is there any body have an advice for me ?
2010/4/10 John R Pierce pierce@hogranch.com
cahit Eyigünlü wrote:
is there any possibility to do this on cent os
for example company one will be in the block of 10.0.0.0.1-10.0.0.255 and routed to the one of my external ip company two will be in the block of 11.0.0.0.1-11.0.0.255 and routed to the one of my external ip
I am not sure what you mean by 'routed to one of your external ip addresses'.
so, you are at a third site, and want a tunnel to both companies networks?
btw, I know those are just example addresses, but 11.x.x.x is not a reserved network instead, that should be 10.1.0.xxx or something.
i just need an advice is this better on windows vpn or llinux vpn server do you advice me any server software like open vpn or sth. else
assuming its a routing that makes logical sense, it should be easy to implement with OpenVPN. you'd need a firewall running openvpn at each of those companies then your end could inititate the connections to each of them. I'm not sure why you'd have to use two internet addresses at your end, rather, you'd just have an net like 10.2.0.xxx and the VPN tunnels would route between those networks. I'm assuming company 1 and company 2 don't want any direct routing between them, so you'd have to make sure you're not providing that route (eg, 10.0.0.xxx should not have a route to 10.1.0.xxx or visa versa)
as far as 'better'? better is what you or the people who will be administrating this is most familar with. often, easiest is to use VPN appliance routers, like watchguards, or netscreens as the firewalls at all these sites.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos