Unfotunately i have to solve this based on software i need to isolate each company to protect their info from others i have 3 companies and last one thing i need to see each company's traffic statics for long time periods. and i need to be able to limit their traffics that is all , but as i see on open vpn i could not group users.i have a cisco router which i could see the traffic of my servers external ip addresses so i decide to see them from there via giving each company one external ip to connect to internet . but i could not decide yet how to do it :) is there any body have an advice for me ? 2010/4/10 John R Pierce <pierce at hogranch.com> > cahit Eyigünlü wrote: > > is there any possibility to do this on cent os > > > > for example company one will be in the block of 10.0.0.0.1-10.0.0.255 > > and routed to the one of my external ip > > company two will be in the block of 11.0.0.0.1-11.0.0.255 and routed > > to the one of my external ip > > > > I am not sure what you mean by 'routed to one of your external ip > addresses'. > > so, you are at a third site, and want a tunnel to both companies networks? > > btw, I know those are just example addresses, but 11.x.x.x is not a > reserved network instead, that should be 10.1.0.xxx or something. > > > i just need an advice is this better on windows vpn or llinux vpn > > server do you advice me any server software like open vpn or sth. else > > assuming its a routing that makes logical sense, it should be easy to > implement with OpenVPN. you'd need a firewall running openvpn at each > of those companies then your end could inititate the connections to each > of them. I'm not sure why you'd have to use two internet addresses at > your end, rather, you'd just have an net like 10.2.0.xxx and the VPN > tunnels would route between those networks. I'm assuming company 1 and > company 2 don't want any direct routing between them, so you'd have to > make sure you're not providing that route (eg, 10.0.0.xxx should not > have a route to 10.1.0.xxx or visa versa) > > > as far as 'better'? better is what you or the people who will be > administrating this is most familar with. often, easiest is to use VPN > appliance routers, like watchguards, or netscreens as the firewalls at > all these sites. > > > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100410/6cc675d5/attachment-0005.html>