Solved

Emulate or spoof my own ip address

Posted on 2009-07-03
7
686 Views
Last Modified: 2012-05-07
I have a vpn server that has the only external IP address recognized by the clients I am making the VPN connection to. I did not set this up and have not been able to get the connection changed to accept our external ip. I need to have a backup server to make these VPN connections.

Does anyone know of a way to accomplish the task of making two servers appear to be comming from the same address, or making it look like they are using the same IP address for the outgoing address? The IP allowed by the clients is not the external IP of our router it is the IP of the server.
0
Comment
Question by:jimmylew52
  • 4
  • 3
7 Comments
 
LVL 33

Expert Comment

by:MikeKane
Comment Utility
So your external clients hit 1 IP and you want to have 2 machines answer for backup purposes.  

Since you can't have 2 machines share the same IP, and it sounds like you can't setup another IP for VPN backup.

If the vpn endpoint is a linux host, you can use HA failover to share a virtual IP address between 2 similarly configured hosts.  IF the primary dies, the secondary assumes the virtual IP and will service requests.    
http://www.linux-ha.org/

A lot of this will depend on what you are running for the VPN endpoint.


0
 
LVL 1

Author Comment

by:jimmylew52
Comment Utility
I establish  the VPN connection from my windows server to the clients windows server..
0
 
LVL 1

Author Comment

by:jimmylew52
Comment Utility
I will try setting up an internal router and setting the wan port to the IP address recognized by the clients and connect both servers to the router and see if that works. I will try that on monday.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 33

Expert Comment

by:MikeKane
Comment Utility
What kind of router do you have and what client are you using.    If supported, you could setup a client vpn using the router as an endpoint providing access to the entire internal subnet.   That would probably require some client reconfiguration however.
0
 
LVL 1

Author Comment

by:jimmylew52
Comment Utility
The client only allows connection from the IP address of one of our servers. A permanent VPN connection is not possible. Our router says it supports vpns but I have not been able to get it to work.
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
Comment Utility
It sounds to me like what you are after isn't going to happen without manual intervention.  

You could always look to a virtualzed solution where the server exists as a virtual host that is stored on SAN and then accessed from a front end VMWARE server.    2 Windows boxes, each running vmware server with access to a guest os on a SAN disk would provide the failover solution you are looking for without playing around with layer 3 networking.      

HAve you looked at VMWARE or Virtual box or other virtualization packages?
0
 
LVL 1

Author Closing Comment

by:jimmylew52
Comment Utility
Your solution would work but I have set up a linksys router within my network and assign the Ip my client sees to the wan interface. The two servers connect to the LAN interface of the Linksys router and both are able, one at a time, to connect to the client.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

One of the Top 10  common Cisco VPN problems are not-matching shared keys. This is an easy one to fix, but not always easy to notice, see the case below. A simple IPsec tunnel between fast Ethernet interfaces of routers SW1 (f1/1) and R1(f0/0). …
Article by: rfc1180
The Maximum Segment size (MSS) is an important consideration when troubleshooting connectivity via the Internet/Intranet. As the packets are routed via the Internet/Intranet, the packets must traverse through multiple routers in the path between two…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now