Solved

Setting up Red hat linux VPN

Posted on 2013-11-01
5
543 Views
Last Modified: 2013-12-05
I am trying to setup a red hat Linux server to connect to a windows server running sql server; I want to establish a vpn so DBAs can remotely connect to the windows machine.

Can you help me determine the right VPN client to use and also provide me with the right configuration steps and correct commands to use to set this up.

Thanks,
0
Comment
Question by:redkasote
  • 2
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
Comment Utility
what are you trying to connect to?  do you have rras setup somewhere or do you have some other software/appliance?
0
 

Author Comment

by:redkasote
Comment Utility
I don't have any software setup or rras. I attempted to intall pptp as a VPN client but wasn't successfull. I am trying to connect to a windows server from a red hat box.
0
 
LVL 13

Expert Comment

by:Daniel Helgenberger
Comment Utility
Please note, you do not necessarily need a VPN for your setup but can do the same thing maybe better and much easier with ssh port redirection:
1. the client connects to the ssh server
2. the client opens a random port on its own loopback terminated on the servers SQL port
3. access to the loopback port is forwarded through the ssh tunnel to the server's SQL port.
4. the SQL client accesses the the SQL server via its own loopback interface

If you cannot achieve this, for instance because you have no terminated/direct connection to the windows server from your redhat client, I would recommend OpenVPN. This is quite easy to setup and very secure. Binaries are readily available for both OS's.
0
 

Author Comment

by:redkasote
Comment Utility
I am able to ping the sql server from the red hat machine, is that a direct connection? I started to setup openVPN but there aren't any properly put together steps online. I wasn't sure if I had to setup the openVPN server steps as well or just skip to the client. The steps I was referring to went through server configuration and then client setup.

Are you able to give me the steps to setup both solutions or direct me to where I can see good instructions.  Thanks.
0
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 500 total points
Comment Utility
Please have a look at this tutorial, to setup OpenSSH on windows:
http://comptb.cects.com/1264-install-configure-ssh-on-windows

If this is configured and setup correctly, then initialize an SSH port forward on your linux client like this example (please change it to your needs):
ssh -N -L31433:localhost:1433 user@winserver &
# Lets test this:
telnet localhost:31433

Open in new window

Explanation:
This assumes, you have a valid user named 'user' on your windows server named 'winserver' and MS SQL running on tcp/1433 on 'winserver'. Please change these settings to your needs.

The port I used, 31433, is random, you can use any other port you like. High port numbers are used commonly (since they require no su rights and do not interfere with other services).

Then, change your connection settings in your Linux application to access the SQL server via localhost:31433
Further, I use -N, this prohibits remote command execution, and & to run this process in the background. The telnet command is just a quick test if the tunnel is up. You should not get a timeout, though any other error is fine in this case.

Note, if this works, you can easily setup xinetd to establish the connection on demand or use a custom service to have it always open. Also, use ssh-keys so services can connect to your windows SSH server, as covered in the HowTo. Also, as a security precaution, you should setup a port forward/guest only user with no remote command execution permissions on your windows server.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now