Solved

Virtual network inside 1 server

Posted on 2012-04-12
4
396 Views
Last Modified: 2012-06-27
Im trying to figure out the best way to secure access to a particular website, which is only required to be accessed by a few individuals.

My idea at the moment, is to create a VPN server, where the users can connect and get onto the site by loading their own web software up and connecting, however Im not sure how I can setup a network inside my server.

Is it possible to setup a virtual network inside my server (eg 192.168.1.1-254), so when a user connects, I can assign them an IP address (eg 192.168.1.200-210), and have my apache listening to other ports (eg 192.168.1.100-110).

My issue is I have a stand-alone server, which I want to use as my VPN server, and apache server, so users can connect via secure VPN and then see the web site inside. I dont have any more IPs apart from its external IP address (which currently is serving all the sites, but not securly).

Any ideas, even if Im going along the right path here of doing this?

Thank you
0
Comment
Question by:tonelm54
  • 2
4 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 37838439
I would use apache to secure the site, and simply put it on a different port ( 8080 etc )

A lot less work I would think

I hope this helps !
0
 

Author Comment

by:tonelm54
ID: 37838535
True, and thats how it currently works, however there is a lot of very sensitive information to be uploaded, so I need to protect it a little more.

I would just restrict to only certain IPs but the IPs the users are using to connect will change.

I could change the host so it only listens for a particular host, then change the hosts file on the PCs but the PCs will also change.

I know I could simply use usernames and passwords, but I would like to secure the data transmittion, and only have 1 IP address for multiple sites, so cant use SSH.

Ive been thinking for a while on this, and think the only way is to use VPN, and then "somehow" use internal IPs and get Apache to listen to these internal IPs :-S

Good fun ehh :-)
0
 
LVL 63

Assisted Solution

by:SysExpert
SysExpert earned 250 total points
ID: 37838645
Can you do a vpn on your router rather than on the Windows server ?
0
 
LVL 1

Accepted Solution

by:
nmitev earned 250 total points
ID: 37843053
If you run the site over https rather than http thats secure enough for all banks and online shops out there. As long as it is for internal use only, you don't need to buy certificates, you can generate them yourself.
If you want an additional authentication stage before that, you can set up a clientless VPN server on a  separate machine and then a static OpenVPN tunnel between that and your server. The secure apache instance can then be configured to listen only on the tun1 (or any number here) interface belonging to the tunnel between the web server and the VPN server.

Look at http://sourceforge.net/projects/openvpn-als/.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question