Solved

Emulate or spoof my own ip address

Posted on 2009-07-03
7
693 Views
Last Modified: 2012-05-07
I have a vpn server that has the only external IP address recognized by the clients I am making the VPN connection to. I did not set this up and have not been able to get the connection changed to accept our external ip. I need to have a backup server to make these VPN connections.

Does anyone know of a way to accomplish the task of making two servers appear to be comming from the same address, or making it look like they are using the same IP address for the outgoing address? The IP allowed by the clients is not the external IP of our router it is the IP of the server.
0
Comment
Question by:jimmylew52
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 24773448
So your external clients hit 1 IP and you want to have 2 machines answer for backup purposes.  

Since you can't have 2 machines share the same IP, and it sounds like you can't setup another IP for VPN backup.

If the vpn endpoint is a linux host, you can use HA failover to share a virtual IP address between 2 similarly configured hosts.  IF the primary dies, the secondary assumes the virtual IP and will service requests.    
http://www.linux-ha.org/

A lot of this will depend on what you are running for the VPN endpoint.


0
 
LVL 1

Author Comment

by:jimmylew52
ID: 24774632
I establish  the VPN connection from my windows server to the clients windows server..
0
 
LVL 1

Author Comment

by:jimmylew52
ID: 24776857
I will try setting up an internal router and setting the wan port to the IP address recognized by the clients and connect both servers to the router and see if that works. I will try that on monday.
0
Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

 
LVL 33

Expert Comment

by:MikeKane
ID: 24824146
What kind of router do you have and what client are you using.    If supported, you could setup a client vpn using the router as an endpoint providing access to the entire internal subnet.   That would probably require some client reconfiguration however.
0
 
LVL 1

Author Comment

by:jimmylew52
ID: 24890188
The client only allows connection from the IP address of one of our servers. A permanent VPN connection is not possible. Our router says it supports vpns but I have not been able to get it to work.
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 24925627
It sounds to me like what you are after isn't going to happen without manual intervention.  

You could always look to a virtualzed solution where the server exists as a virtual host that is stored on SAN and then accessed from a front end VMWARE server.    2 Windows boxes, each running vmware server with access to a guest os on a SAN disk would provide the failover solution you are looking for without playing around with layer 3 networking.      

HAve you looked at VMWARE or Virtual box or other virtualization packages?
0
 
LVL 1

Author Closing Comment

by:jimmylew52
ID: 31599605
Your solution would work but I have set up a linksys router within my network and assign the Ip my client sees to the wan interface. The two servers connect to the LAN interface of the Linksys router and both are able, one at a time, to connect to the client.
0

Featured Post

Supports up to 4K resolution!

The VS192 2-Port 4K DisplayPort Splitter is perfect for anyone who needs to send one source of DisplayPort high definition video to two or four DisplayPort displays. The VS192 can split and also expand DisplayPort audio/video signal on two or four DisplayPort monitors.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question