Solved

Virtual network inside 1 server

Posted on 2012-04-12
Last Modified: 2012-06-27
I'm trying to figure out the best way to secure access to a particular website, which is only required to be accessed by a few individuals.

My idea at the moment is to create a VPN server, where the users can connect and get onto the site by loading their own web software up and connecting; however, I'm not sure how I can set up a network inside my server.

Is it possible to set up a virtual network inside my server (e.g. 192.168.1.1-254), so when a user connects, I can assign them an IP address (e.g. 192.168.1.200-210), and have my Apache listening to other ports (e.g. 192.168.1.100-110)?

My issue is I have a stand-alone server, which I want to use as my VPN server and Apache server, so users can connect via secure VPN and then see the web site inside. I don't have any more IPs apart from its external IP address (which currently is serving all the sites, but not securely).

Any ideas, even if I'm going along the right path here of doing this?

Thank you
Question by:tonelm54
Expert Comment

by:SysExpert
ID: 37838439
I would use Apache to secure the site, and simply put it on a different port (8080 etc.)

A lot less work, I would think.

I hope this helps!

Author Comment

by:tonelm54
ID: 37838535
True, and that's how it currently works; however, there is a lot of very sensitive information to be uploaded, so I need to protect it a little more.

I would just restrict to only certain IPs, but the IPs the users are using to connect will change.

I could change the host so it only listens for a particular host, then change the hosts file on the PCs, but the PCs will also change.

I know I could simply use usernames and passwords, but I would like to secure the data transmission, and only have 1 IP address for multiple sites, so can't use SSH.

I've been thinking for a while on this, and think the only way is to use VPN, and then "somehow" use internal IPs and get Apache to listen to these internal IPs :-S

Good fun ehh :-)
Assisted Solution

by:SysExpert
SysExpert earned 250 total points
ID: 37838645
Can you do a VPN on your router rather than on the Windows server?
Accepted Solution

by:
nmitev earned 250 total points
ID: 37843053
If you run the site over https rather than http, that's secure enough for all banks and online shops out there. As long as it is for internal use only, you don't need to buy certificates; you can generate them yourself.
If you want an additional authentication stage before that, you can set up a clientless VPN server on a separate machine and then a static OpenVPN tunnel between that and your server. The secure Apache instance can then be configured to listen only on the tun1 (or any number here) interface belonging to the tunnel between the web server and the VPN server.

Look at http://sourceforge.net/projects/openvpn-als/.
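A check for the tunnel-only binding described in the accepted answer, added here as an example and not part of the original thread: it reads Apache `Listen` directives and flags any listener that is reachable without going through the tunnel. The tunnel subnet 10.8.0.0/24, the addresses in the sample config and the function name `audit_listen` are assumptions.

```python
import ipaddress
import re

# Constructed sample; the tunnel subnet 10.8.0.0/24 and all addresses are assumptions.
SAMPLE_CONF = """\
# public sites
Listen 80
Listen 0.0.0.0:8080
# sensitive site, tunnel only
Listen 10.8.0.1:443 https
Listen 203.0.113.10:8443
Listen [::]:443
"""

# Apache syntax: Listen [IP-address:]portnumber [protocol]; IPv6 goes in brackets.
# Comment lines start with '#', so they never match this pattern.
LISTEN_RE = re.compile(
    r"^\s*Listen\s+(?:(\[[^\]]+\]|[^\s:]+):)?(\d+)(?:\s+\S+)?\s*$", re.IGNORECASE)

def audit_listen(conf_text, tunnel_net):
    """Return (line number, port, verdict) for every Listen directive."""
    net = ipaddress.ip_network(tunnel_net)
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        match = LISTEN_RE.match(line)
        if not match:
            continue
        host, port = match.group(1), int(match.group(2))
        if host is None or host == "*":
            verdict = "exposed: all interfaces"
        else:
            try:
                addr = ipaddress.ip_address(host.strip("[]"))
            except ValueError:
                findings.append((lineno, port, "unparsed address"))
                continue
            if addr.is_unspecified:  # 0.0.0.0 or ::
                verdict = "exposed: all interfaces"
            elif addr.version == net.version and addr in net:
                verdict = "ok: tunnel only"
            else:
                verdict = "exposed: non-tunnel address"
        findings.append((lineno, port, verdict))
    return findings

if __name__ == "__main__":
    for lineno, port, verdict in audit_listen(SAMPLE_CONF, "10.8.0.0/24"):
        print(f"line {lineno}: port {port}: {verdict}")
```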
