Unfotunately i have to solve this based on software*i need to isolate each company to protect their info from others*i have 3 companiesand last one thing i need to see each company's traffic statics for long time periods. and i need to be able to limit their traffics
that is all ,but as i see on open vpn i could not group users.i have a cisco router which i could see the traffic of my servers external *ip addresses so i decide to see them from there via giving each company one external ip to connect to internet .
but i could not decide yet how to do it
*is there any body have an advice for me ?
2010/4/10 John R Pierce <firstname.lastname@example.org>
cahit Eyigünlü wrote:
> is there any possibility to do this on cent os
> for example company one will be in the block of 10.0.0.0.1-10.0.0.255
> and routed to the one of my external ip
> company two will be in the block of 22.214.171.124.1-126.96.36.199 and routed
> to the one of my external ip
I am not sure what you mean by 'routed to one of your external ip
so, you are at a third site, and want a tunnel to both companies networks?
btw, I know those are just example addresses, but 11.x.x.x is not a
reserved network * instead, that should be 10.1.0.xxx or something.
> i just need an advice is this better on windows vpn or llinux vpn
> server do you advice me any server software like open vpn or sth. else
assuming its a routing that makes logical sense, it should be easy to
implement with OpenVPN. *you'd need a firewall running openvpn at each
of those companies then your end could inititate the connections to each
of them. *I'm not sure why you'd have to use two internet addresses at
your end, rather, you'd just have an net like 10.2.0.xxx and the VPN
tunnels would route between those networks. * I'm assuming company 1 and
company 2 don't want any direct routing between them, so you'd have to
make sure you're not providing that route (eg, 10.0.0.xxx should not
have a route to 10.1.0.xxx or visa versa)
as far as 'better'? *better is what you or the people who will be
administrating this is most familar with. * often, easiest is to use VPN
appliance routers, like watchguards, or netscreens as the firewalls at
all these sites.
CentOS mailing list
CentOS mailing list