Urgent help required.............

Taking care of your Linux box.

Post by smk08 » Wed Aug 12, 2009 11:20 am

Asslamu Alaikum

Dear, please guide me how to configure the following scenario.

My local network is 172.16.0.0/16. These client computers are connected to the internet via a Squid proxy server whose LAN IP is 172.16.0.1 and WAN IP is 125.209.109.103 with gateway 125.209.109.134.
A VPN connection is created between the plant and the head office.
From the Squid server machine I can easily access the systems of the head office via VPN.
Kindly guide me how to allow clients of my local network (172.16.0.0/16) to access the systems of the head office via VPN.



Jazaak Allah.
Shahid Mahmood
0321-4538113
I am crazy to learn Linux
smk08
Naik
 
Posts: 56
Joined: Fri Aug 08, 2008 1:44 pm
Location: Sheikhupura, Pakistan

Post by osama1 » Wed Aug 12, 2009 11:47 am

It seems that you didn't forward the VPN port for your local LAN

1723 Virtual private network (VPN)
osama1
Lance Naik
 
Posts: 33
Joined: Fri Jul 17, 2009 10:02 am

Post by smk08 » Wed Aug 12, 2009 11:56 am

Asslamu Alaikum

Thanks for your guidance

Dear fellow, you mean I have to forward the port for the 172.16.0.0/16 network on my VPN router?

Kindly guide me in detail.


Jazaak Allah
Shahid Mahmood

0321-4538113

I am crazy to learn Linux
smk08
Naik
 
Posts: 56
Joined: Fri Aug 08, 2008 1:44 pm
Location: Sheikhupura, Pakistan

Post by osama1 » Wed Aug 12, 2009 2:33 pm

It depends upon the overall ruleset of your box. If I use it for my machine, I just need to add these lines

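# $IPTABLES and $INTERNAL_INTERFACE are shell variables set elsewhere in the firewall script.
$IPTABLES -A INPUT -p tcp -s 172.16.0.0/16 -d 0/0 --destination-port 1723 -j ACCEPT
# --dport is only valid together with a protocol match, so -p tcp is required here.
$IPTABLES -A FORWARD -i $INTERNAL_INTERFACE -p tcp --dport 1723 -j ACCEPT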

+ masqueraded
osama1
Lance Naik
 
Posts: 33
Joined: Fri Jul 17, 2009 10:02 am

firewall

Post by saifkhan123 » Sat Aug 22, 2009 10:57 am

If you have any additional firewall (e.g. PIX, ASA, etc.) in between, then you have to open the port on the firewall also.
everything that seems to be true is not always true.
saifkhan123
Cadet
 
Posts: 7
Joined: Thu Apr 23, 2009 8:26 am

Post by kbukhari » Mon Aug 24, 2009 10:06 pm

What is the network address for the other side?

In that case, point the clients' gateway on both sides towards their respective VPN, and add routes for both sides on both VPN gateways.
--
Syed Kashif Ali Bukhari
+92-345-8444420
http://sysadminsline.com
http://kashifbukhari.com
kbukhari
Major General
 
Posts: 1222
Joined: Sat Dec 31, 2005 12:29 am
Website: http://kashifbukhari.com
Location: Lahore
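
An added example, not part of any post in this thread: a dry-run generator for the forwarding rules the replies above point towards (routing LAN clients through the VPN box, with the masquerading osama1 mentions), scoped to one destination network instead of 0/0. The head-office network 192.168.50.0/24 and the interface names eth0 and ppp0 are assumptions, since the thread never states them.

```shell
#!/bin/sh
# Added example: prints (does not apply) the commands that let 172.16.0.0/16
# clients reach the head office through the VPN tunnel on the Squid box.
# Assumed, not from the thread: REMOTE_NET 192.168.50.0/24, LAN_IF eth0, VPN_IF ppp0.

is_cidr() {
    # Accept a.b.c.d/n with octets 0-255 and prefix 1-32; rejects "0/0"-style "any".
    echo "$1" | awk -F'[./]' 'NF != 5 { exit 1 }
        { for (i = 1; i <= 5; i++) if ($i !~ /^[0-9]+$/) exit 1
          for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 < 1 || $5 > 32) exit 1 }'
}

vpn_forward_rules() {
    lan_net=$1 remote_net=$2 lan_if=$3 vpn_if=$4
    for net in "$lan_net" "$remote_net"; do
        is_cidr "$net" || { echo "invalid network: $net" >&2; return 1; }
    done
    for ifc in "$lan_if" "$vpn_if"; do
        case $ifc in ''|*[!A-Za-z0-9._-]*) echo "invalid interface: $ifc" >&2; return 1;; esac
    done
    # Clients must use the VPN box (172.16.0.1) as gateway, or hold a route to
    # the remote network via it, for these rules to see their traffic at all.
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -A FORWARD -i $lan_if -o $vpn_if -s $lan_net -d $remote_net -j ACCEPT
iptables -A FORWARD -i $vpn_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $vpn_if -s $lan_net -d $remote_net -j MASQUERADE
EOF
}

# Review the printed commands before running them as root on the VPN box.
vpn_forward_rules 172.16.0.0/16 192.168.50.0/24 eth0 ppp0
```

With the MASQUERADE rule the head office sees the traffic as coming from the VPN box's tunnel address, so it needs no route back to 172.16.0.0/16; if routes are added on both VPN gateways as kbukhari suggests, that rule can be dropped.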

