So a little background of what I'm trying to accomplish. I'm basically trying to setup a Windows File Server using GCP VM Windows Instance. I have the VM setup and I have created a VPN connection between our office network and to the GCP VM network.
Now I'm trying to communicate between the two different subnets and I have to admit I'm kinda lost.
My office subnet is 192.168.72.0/24 and my GCP IP is 10.123.0.0 with my server being at 10.123.0.2
If I understand networking correctly I need to setup a route between 192.168.72.0 to 10.123.0.2? Or do I just need to create a firewall rule?
I'm using a SonicWall Firewall to establish the VPN connection to the GCP network.
I think I've been working at this too long for one day. I'm steaping away for a bit.
Thanks in advance.
If you set up a Site to Site, you should not need to include a route, you will if you setup a Tunnel Interface. But to me, it sounds like you just need to do a site to site. I dont think the tunnel will come up without the correct subnets, but just verify that the tunnel is up and then I would setup a packet monitor to see what route the traffic is taking when you try to ping from 192.168.72.0/24 to IP is 10.123.0.0.
Related
What I'm trying to achieve is:
Connect to a VPN as client and route all my internal network's traffic over the VPN.
Run a VPN server, so that people from outside can connect to my internal network and get routed over the a.m. VPN client.
I'm trying to achieve that with a router running dd-wrt (netgear D6200), and / or a raspberry pi.
Can someone tell me if this can be achieved, and if, direct me to what would be a possible solution?
(I'm not looking for a tutorial, just a direction)
Thanks!
This thread probably does not belong here.
Consider using OpenWRT instead of dd-wrt. OpenWRT gives you a usable build system and easier to customize and build. I am not advocating OpenWRT. This can be a stop gap measure.
You can setup a OpenVPN server and OpenVPN client using the standard
documentation available on OpenWRT Wiki and also OpenVPN site.
Add to OpenVPN server.conf the following directive redirect-gateway def1. This will push the default gateway to clients connecting to OpenVPN server. Further, make sure you are using a unique network IP pool for VPN clients and does not clash with the remove VPN server.
Make sure you are masquerading the VPN traffic (Clients of local VPN server) before forwarding to remove VPN server. This can be tricky as this interface does not exist at boot time. It needs to be configured using up and down scripts
Make sure you are allowing traffic (clients of local VPN Server) on VPN interface to be forwarded in your firewall rules
Before setting up the OpenVPN server, make sure
The remove VPN server is pushing the default gateway to your VPN
client
You have setup the firewall correctly
You are able to reach the cloud through the Remote VPN Server. Checking with some site like www.whatismyip.com will help
Yes this is possible with dd-wrt on Netgear.
There is no need of Raspberry (unless you meant to run the remote VPN server on it).
Configure and run VPN server on dd-wrt - and try connectivity by connecting clients. Both tun/tap should work in general (with VPN client running). I tested with tun.
Configure and run VPN client on dd-wrt and try connecting to your VPN server. By default, the router should start directing all traffic (for its own LAN clients) via the VPN server.
So far so good.
The problem comes when you want dd-wrt's VPN clients (and not just LAN clients) to take the same route. With a VPN client running on dd-wrt, dd-wrt's own VPN clients will not be able to connect to the VPN server running on dd-wrt as such. To make it work, see below.
This is only possible via PBR - i.e. you run VPN client on dd-wrt, but take the router itself off this client, and route only specific clients through this VPN client running on dd-wrt.
With some tweaks using subnet masks, it is possible to include all your LAN and VPN IPs in the PBR policy so that everything (except the router itself) routes through the remote VPN server.
The key is to include dd-wrt's VPN clients' virtual IPs in the PBR. While configuring VPN server on dd-wrt, there is a field for specifying the clients' network and netmask.
If you use this network IP and netmask in client process's PBR policy, your (dd-wrt's) VPN clients will be able to connect to the VPN server running on dd-wrt, and will in turn be routed through the remote VPN server to which dd-wrt is connected as a client.
I would like to create a local wireless without internet.
I would like to have the possibility to connect 50 clients and access to a website using a domain name.
That means, I need a DNS and DHCP.
I sreach on internet an I found a way to achieve that but not totally and i am not sure if it will work and if it is the best way to achieve that.
I can maybe have a mini PC (server) with ad hoc network and have the client to connect on the server but:
Will it be possible on a connection to assign a ip to the client and set a DNS server ip on the client as the same ip of the server.
I found mini PCs but how can I know if the PC will handle a lot of client ? Which network card to choose ?
I think also that a router and configure DHCP on it to distribute the IPs but I would like to have one box ready object as a mini PC.
I need an advice on the best way to go with what i want to achieve and materials i need to buy and good references.
For a linux domain controler you will need to install bind to host your own DNS. It's a little involved to set up, but necessary if your network doesn't have a DNS server. If you're using a windows domain controller you will need a server OS (expensive). If you only have 50 clients the DNS resources needed will be small and you could run bind from any old box, even a Raspberry Pi. You will also need a host machine for the "website" a.k.a. an intranet. This can be the same machine as your DNS server, but can be any computer on the network. When all is done you will have your router configured with the IP of your local DNS server. The DNS server will point your local domain to whatever box hosts the intranet website.
I have windows 8 host and i have installed ubuntu 14.10 server as a virtual machine in vmware. i have installed LAMP server and i am trying to host a website from it. i have created a virtual host. my website is accessible in the host machine when i go to the address 192.168.0.106.
my router info:
LAN
IP Address :192.168.0.1
INTERNET
IP Address :10.30.XXX.XXX
"what is my ip" in google: 113.XXX.XXX.XXX
how do i make my website accessible from the internet ? I know it is a dumb question, but i tried searching everywhere and could not get the solution.
Since you say that you can connect to the site from the host machine, it does not matter that it is in a VM.
You say that you can connect to your site via: 192.168.0.106 on the LAN. You need to forward connections to your WAN address (113.193.56.198) to your LAN address (192.168.0.106). You can do this in most router settings in a section called Port forwarding. Use port 80 if you're hitting the LAN IP from a browser and you don't have to add a port after the address like http:\\192.168.0.106:1234. Otherwise, use whatever port you like.
Once you get that working, it is a good idea to use a dynamic DNS service, which will connect your IP to a domain name and update the connection whenever your WAN IP changes. This way, instead of using the WAN IP in a browser, you can use your domain name and it should always work. But that's not your first problem. First get it working with the WAN IP by itself. Once you've got that working, get some DynDNS.
EDIT
If you think it should be working but can't figure out why it isn't, use a tool like nmap/zenmap to scan your WAN and LAN IPs. That will help you diagnose the problem.
A DynDNS should do the job!
It will automatically renew your dynamic ip address. All you need is; a tool that runs on your server with website.
Search for it on google, and you'll find a solution. Btw: there are, Free and paid solutions.
EDIT: by the way, your router requires additionally some port forwarding to make your website accessible from outside. Even with the DynDNS stuff installed.
Just to give you some indications.
I installed Veency Server on my old Iphone 3GS. I can connect to it from my other devices in local network, using its 192.168.2.xxx adress, but i cant connect from another network. I know that my router uses NAT so i tried port forwarding for ports 5500,5900 and 5800, then i tried to forward all ports in range 0:7000 but none of them seemed to work. What can i do ?
Thanks a million in advance.
Shouldn't be too complicated.
Set a DHCP reservation in your router for the device.
Forward the VNC port (Usually 5900) to the IP you set.
If you don't have a static external IP, get something like No-IP or DynDNS so you can have an unchanging URL to connect to.
That's about it, it's no different than making any other service external.
You should know that this will not be secure, and very easy for a man in the middle attack to happen.
My goal is to have two laptops in a network. One is acting as a server, serving webpages to the other. The catch here is that neither is connected to the outside internet.
What I have done so far is setup WAMP on the server laptop, and it successfully serves web pages on localhost. Now I want to access these pages on the other laptop.
To do this, I had the server create an ad-hoc network and connected the other laptop to it, but I'm stuck - and I'm worried I'm not on the right track. I followed this tutorial but in the end I figured out that just explained how to spoof a text URL as an IP address, and not really what I was looking for.
So I guess I have two questions:
Is my method the best way to do this (with ad-hoc networks)? Is there some way to connect a laptop to a wireless router and have the laptop act as a server to another laptop?
If my WAMP and ad-hoc network should work, how do I connect other laptops to my server through the ad-hoc network?
Thanks!
I would suggest the first option: get a wifi router. Then you can assign static IP adresses from the routers private network or use DHCP server on the router. Hopefully you will have an option to reserve IP adresses on DHCP server so you dont have to check every time what IP adress the laptop acting as a server got. You use this address to access your web server. Also, you can use this router later as a gateway to the internet if you want.
In ad hoc mode you will probably get an address from 169.254.0.0/16 link-local scope, and you can check it by running ipconfig as #Robadob already suggested.
On your hosting laptop open cmd and call ipconfig look for the internal IP address on the network interface your hosting the ad-hoc network.
Enter that IP address into the browser on your client laptops web browser instead of localhost.
If that doesn't work, try other ip addresses listed by ipconfig (incase you used the wrong) and then check the properties of your ad-hoc network, windows firewall and any other firewall software to disable anything that might be blocking it.
An ad-hoc network is suitable option for what your doing, most people would probably use a switch or router though, however that requires hardware you probably don't have.