Solved

Need public interface open after establishing tunnel

Posted on 2003-10-24
6
252 Views
Last Modified: 2010-04-12
Here is my senerio. I have a website that I host for a customer. They have the Oracle portion hosted in NY. The current setup is, our server has a Microsoft VPN connection to their network to connect to the Oracle server. When I hit the web page from the outside with the tunnel down it obviously fails because Oracle is unavailable. And ovbiously if I connect the tunnel I can't reach the webserver from the outside because all traffic goes to their private network. So I need to have the outside interface opened up to respond to the webserver on my box as well as the tunnel up for the server to communicate with the Oracle server. And NO, hosting the Oracle server here is not an option, I asked. I know this sounds kind of unorodox but I am open to suggestions. Can someone please tell me how this can be done.?
125 points to the person with the solution (It's all I got). Thanks in advance.

Mike.
0
Comment
Question by:pakitloss
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 9617086
You need to enable split tunneling, at least I think that is what you are trying to do. It will allow you to route traffic not meant for the oracle ip subnet outside of the tunnel.
0
 
LVL 4

Author Comment

by:pakitloss
ID: 9617218
Yes but will it route inbound traffic from the internet to the webserver and how do you enable split tunneling?
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 9617343
I guess I am confused, the webserver is connected via a vpn to the corporate network. You are routing traffic into the webserver from the internet. Is the webserver multihomed?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Author Comment

by:pakitloss
ID: 9617493
Yes, Here is the configuration
Internet----->>Web Server<<<<<VPN>>>>>Oracle server. I need to be able to allow the server to post back to the Oracle server in order to work. I am sorry if I am sounding confusing. It has been a long day.

Thanks
0
 
LVL 11

Accepted Solution

by:
ewtaylor earned 125 total points
ID: 9621237
You should be fine, the vpn tunnel should be on the second network interface with the oracle webserver. The other interface is handling inbound from the internet. The only problem I see would be one of security, if they compromised your webserver they have an encrypted pipe to the oracle server.
0
 
LVL 4

Author Comment

by:pakitloss
ID: 9638020
Thanks,

After I realized what you mean I had it it working in an hour. Thanks. This was only a temporary thing to demo the site for the customer so from a security standpoint the tunnel was only up long enough to demo it.

0

Featured Post

Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the Top 10  common Cisco VPN problems are not-matching shared keys. This is an easy one to fix, but not always easy to notice, see the case below. A simple IPsec tunnel between fast Ethernet interfaces of routers SW1 (f1/1) and R1(f0/0). …
When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question