Corporate VPN service with separate nets for different users/groups
Hi
We are going to host some services for customers with separate private networks for each customer. Each customer will need one or more users.
I have to put up a VPN solution, and I would like to use something that will work on "any" platform, easily, without too much installation/configuration. I feel PPTP is a good option since the "agent" is included on most platforms. We have a firewall/router on a Debian Linux server, and I'd like to extend its services to include the VPN service. It has access to all nets, so it should be easier to get that to work.
My firewall/router has four interfaces, but only three of concern. eth0 is the outside, eth1 is the inside and eth2 is DMZ. I use proxyarp to get traffic from eth0 to eth2, with iptables filtering. eth1 has three internal nets in the 192.168.* series. The new nets I want to use for customers will be separate VLANs on that interface with 10.20.x.* addresses. The firewall/router will of course have an IP in each of these (typically .1).
The big question is how to set this up? Can pptpd be used? Should this be done on a separate server?
Hello everybody,
I used to log in to my office via PPTP VPN, but last October 5th I updated my installed Debian Squeeze and it caused my VPN service (client-side) to fail. After this upgrade I'm unable to log in to the VPN server. Here follows the log:
#tail -f /var/log/messages
Plugin... (0 Replies)
Hi
Could anyone please suggest how we can check in Linux if a user or a group name already exists? In case of a user the command should also be able to specify the user with a given directory and shell. We can of course check this using a grep command but since that is just a pattern match,... (12 Replies)
Happy Thanksgiving Everyone!! I have a question about adding users to multiple groups. Thanks in advance
Using Red Hat and here are the issues:
Example:
Users:
Bob
Mark
Groups:
SystemsAnalysts
BusinessAnalysts
If I am adding a user Bob to both groups (SystemsAnalysts and... (2 Replies)
Hi
I am new to Unix so hopefully someone can help. I need to list all the users I have in my Unix environment (AIX) and the groups (primary and secondary) they belong to.
Can anyone help?
Many thanks in advance (2 Replies)
How do I remove a user from a group? I'm using the usermod command but it's not working.
I have a user "abc" who is a member of the groups root and other. I'm trying to remove him from the group "other" (using CLI) which is his secondary group but it's not working.
How do I do this? Is there any... (11 Replies)
Hi everyone, I've recently requested my Unix admin to create a userid for 2 groups. He created the id and I can see it by grep "id" /etc/group.
But when I log in with that id into Unix and try to cd that group it says permission denied. Something like cd /groupname -- permission denied
Can my admin... (1 Reply)
RH 7.2
I'm trying to list the users & groups on my machine. I found the lsuser & lsgroup commands but no associated man pages.
I typed: lsuser
I get --> Valid options are: -a
So I typed: lsuser -a
I get --> Valid options are: groups, home
So I typed: lsuser -a groups
I get -->... (2 Replies)
NETWORKMANAGER(8) System Manager's Manual NETWORKMANAGER(8)
NAME
NetworkManager - network management daemon
SYNOPSIS
NetworkManager [--no-daemon]
DESCRIPTION
The NetworkManager daemon attempts to make networking configuration and operation as painless and automatic as possible by managing the
primary network connection and other network interfaces, like Ethernet, WiFi, and Mobile Broadband devices. NetworkManager will connect
any network device when a connection for that device becomes available, unless that behavior is disabled. Information about networking is
exported via a D-Bus interface to any interested application, providing a rich API with which to inspect and control network settings and
operation.
NetworkManager will execute scripts in the /etc/NetworkManager/dispatcher.d directory in alphabetical order in response to network
events. Each script should be (a) a regular file, (b) owned by root, (c) not writable by group or other, (d) not set-uid, and
(e) executable by the owner. Each script receives two arguments, the first being the interface name of the device just activated,
and the second an action.
up The interface has been activated. The environment contains more information about the interface; CONNECTION_UUID contains the UUID
of the connection. Other variables are IP4_ADDRESS_N where N is a number from 0 to (# IPv4 addresses - 1), in the format
"address/prefix gateway". IP4_NUM_ADDRESSES contains the number of addresses the script may expect. IP4_NAMESERVERS contains a
space-separated list of the DNS servers, and IP4_DOMAINS contains a space-separated list of the search domains. Routes use the format
IP4_ROUTE_N where N is a number from 0 to (# IPv4 routes - 1), in the format "address/prefix next-hop metric", and IP4_NUM_ROUTES
contains the number of routes to expect. If the connection used DHCP for address configuration, the received DHCP configuration is
passed in the environment using standard DHCP option names, prefixed with "DHCP4_", like "DHCP4_HOST_NAME=foobar".
down The interface has been deactivated.
vpn-up A VPN connection has been activated. The environment contains the connection UUID in the variable CONNECTION_UUID.
vpn-down A VPN connection has been deactivated.
hostname The system hostname has been updated. Use gethostname(2) to retrieve it.
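The five conditions listed above for dispatcher scripts matter because these scripts run on every network event, so they are worth auditing directly. The following is an added example, not part of the man page or of NetworkManager: the function names and the optional owner-UID argument are assumptions of the example, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example: audit dispatcher scripts against conditions (a)-(e).
# check_dispatcher_script FILE [OWNER_UID]
#   Prints "ok" or the first failed condition; returns 0 only for "ok".
#   OWNER_UID defaults to 0 (root); it is a parameter only so the check
#   can be exercised by an unprivileged user (assumption of this example).
check_dispatcher_script() {
    f=$1
    want_uid=${2:-0}
    # (a) must be a regular file (symlinks are resolved, target is checked)
    if [ ! -f "$f" ]; then
        echo "not-regular-file"; return 1
    fi
    # GNU stat: %u = numeric owner, %a = permission bits in octal
    set -- $(stat -L -c '%u %a' "$f")
    uid=$1
    mode=$((0$2))          # leading 0 makes the shell read it as octal
    # (b) owned by root
    if [ "$uid" -ne "$want_uid" ]; then
        echo "wrong-owner"; return 1
    fi
    # (c) not writable by group or other
    if [ $((mode & 022)) -ne 0 ]; then
        echo "group-or-other-writable"; return 1
    fi
    # (d) not set-uid
    if [ $((mode & 04000)) -ne 0 ]; then
        echo "setuid"; return 1
    fi
    # (e) executable by the owner
    if [ $((mode & 0100)) -eq 0 ]; then
        echo "not-owner-executable"; return 1
    fi
    echo "ok"
}

# audit_dispatcher_dir DIR [OWNER_UID]
#   Prints "<result><TAB><path>" per entry; returns non-zero if any fails.
#   Subdirectories are skipped rather than reported.
audit_dispatcher_dir() {
    dir=$1; bad=0
    for f in "$dir"/*; do
        [ -e "$f" ] || continue
        if [ -d "$f" ]; then continue; fi
        if result=$(check_dispatcher_script "$f" "${2:-0}"); then :; else bad=$((bad + 1)); fi
        printf '%s\t%s\n' "$result" "$f"
    done
    [ "$bad" -eq 0 ]
}
```

Run `audit_dispatcher_dir /etc/NetworkManager/dispatcher.d` as part of a host baseline check; any line not starting with "ok" names the first condition that script violates.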
OPTIONS
The following options are supported:
--no-daemon
Do not daemonize. This is useful for debugging, and directs log output to the controlling terminal in addition to syslog.
DEBUGGING
The following environment variables are supported to help debugging. When used in conjunction with the "--no-daemon" option (thus echoing
PPP and DHCP helper output to stdout) these can quickly help pinpoint the source of connection issues.
NM_SERIAL_DEBUG
When set to anything, causes NetworkManager to log all serial communication to and from serial devices like mobile broadband 3G
modems.
NM_PPP_DEBUG
When set to anything, causes NetworkManager to turn on PPP debugging in pppd, which logs all PPP and PPTP frames and client/server
exchanges.
SEE ALSO
nm-tool(1)