[CentOS] VPN

Sat Apr 10 10:27:40 UTC 2010
cahit Eyigünlü <cahit.eyigunlu at gmail.com>

Unfotunately i have to solve this based on software
i need to isolate each company to protect their info from others
i have 3 companies
and last one thing i need to see each company's traffic statics for long
time periods. and i need to be able to limit their traffics
that is all ,
but as i see on open vpn i could not group users.i have a cisco router which
i could see the traffic of my servers external  ip addresses so i decide to
see them from there via giving each company one external ip to connect to
internet .
but i could not decide yet how to do it :)
is there any body have an advice for me ?

2010/4/10 John R Pierce <pierce at hogranch.com>

> cahit Eyigünlü wrote:
> > is there any possibility to do this on cent os
> >
> > for example company one will be in the block of
> > and routed to the one of my external ip
> > company two will be in the block of and routed
> > to the one of my external ip
> >
> I am not sure what you mean by 'routed to one of your external ip
> addresses'.
> so, you are at a third site, and want a tunnel to both companies networks?
> btw, I know those are just example addresses, but 11.x.x.x is not a
> reserved network   instead, that should be 10.1.0.xxx or something.
> > i just need an advice is this better on windows vpn or llinux vpn
> > server do you advice me any server software like open vpn or sth. else
> assuming its a routing that makes logical sense, it should be easy to
> implement with OpenVPN.  you'd need a firewall running openvpn at each
> of those companies then your end could inititate the connections to each
> of them.  I'm not sure why you'd have to use two internet addresses at
> your end, rather, you'd just have an net like 10.2.0.xxx and the VPN
> tunnels would route between those networks.   I'm assuming company 1 and
> company 2 don't want any direct routing between them, so you'd have to
> make sure you're not providing that route (eg, 10.0.0.xxx should not
> have a route to 10.1.0.xxx or visa versa)
> as far as 'better'?  better is what you or the people who will be
> administrating this is most familar with.   often, easiest is to use VPN
> appliance routers, like watchguards, or netscreens as the firewalls at
> all these sites.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20100410/6cc675d5/attachment-0005.html>