Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!
Course Of The Month
8 days, 12 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Emulate or spoof my own ip address
Posted on 2009-07-03
I have a vpn server that has the only external IP address recognized by the clients I am making the VPN connection to. I did not set this up and have not been able to get the connection changed to accept our external ip. I need to have a backup server to make these VPN connections.
Does anyone know of a way to accomplish the task of making two servers appear to be comming from the same address, or making it look like they are using the same IP address for the outgoing address? The IP allowed by the clients is not the external IP of our router it is the IP of the server.
Does anyone know of a way to accomplish the task of making two servers appear to be comming from the same address, or making it look like they are using the same IP address for the outgoing address? The IP allowed by the clients is not the external IP of our router it is the IP of the server.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
3
7 Comments
So your external clients hit 1 IP and you want to have 2 machines answer for backup purposes.
Since you can't have 2 machines share the same IP, and it sounds like you can't setup another IP for VPN backup.
If the vpn endpoint is a linux host, you can use HA failover to share a virtual IP address between 2 similarly configured hosts. IF the primary dies, the secondary assumes the virtual IP and will service requests.
http://www.linux-ha.org/
A lot of this will depend on what you are running for the VPN endpoint.
Since you can't have 2 machines share the same IP, and it sounds like you can't setup another IP for VPN backup.
If the vpn endpoint is a linux host, you can use HA failover to share a virtual IP address between 2 similarly configured hosts. IF the primary dies, the secondary assumes the virtual IP and will service requests.
http://www.linux-ha.org/
A lot of this will depend on what you are running for the VPN endpoint.
I will try setting up an internal router and setting the wan port to the IP address recognized by the clients and connect both servers to the router and see if that works. I will try that on monday.
What kind of router do you have and what client are you using. If supported, you could setup a client vpn using the router as an endpoint providing access to the entire internal subnet. That would probably require some client reconfiguration however.
The client only allows connection from the IP address of one of our servers. A permanent VPN connection is not possible. Our router says it supports vpns but I have not been able to get it to work.
It sounds to me like what you are after isn't going to happen without manual intervention.
You could always look to a virtualzed solution where the server exists as a virtual host that is stored on SAN and then accessed from a front end VMWARE server. 2 Windows boxes, each running vmware server with access to a guest os on a SAN disk would provide the failover solution you are looking for without playing around with layer 3 networking.
HAve you looked at VMWARE or Virtual box or other virtualization packages?
You could always look to a virtualzed solution where the server exists as a virtual host that is stored on SAN and then accessed from a front end VMWARE server. 2 Windows boxes, each running vmware server with access to a guest os on a SAN disk would provide the failover solution you are looking for without playing around with layer 3 networking.
HAve you looked at VMWARE or Virtual box or other virtualization packages?
Featured Post
The VS192 2-Port 4K DisplayPort Splitter is perfect for anyone who needs to send one source of DisplayPort high definition video to two or four DisplayPort displays. The VS192 can split and also expand DisplayPort audio/video signal on two or four DisplayPort monitors.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Overview
Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140.
What and Why of FIPS 140
Federa…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month8 days, 12 hours left to enroll
617 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.