
strange VPN set up question

Discussion in 'Networking' started by sitesofray, Nov 3, 2010.

Thread Status:
Not open for further replies.
  1. sitesofray

    sitesofray Thread Starter

    Joined:
    Oct 11, 2010
    Messages:
    8
    Hi
    I run a server which serves files and internet to about 30 client computers.
    I now need to create some sort of VPN on a second server/computer using the same internet connection which can NOT allow discovery of that first server or any of its files (basically 1 server and one VPN, both working mutually exclusive from the same internet source). The VPN and files on that second server also need to be VERY secure.
    Any suggestions?

    I was thinking of setting up a second computer and just running Hamachi, but how safe is that? How can I keep that computer and connecting users from discovering the second server?

    It's a bit above my level so any advanced answers with noob explanations would rock
    Thanks!!!
     
  2. sitesofray

    sitesofray Thread Starter

    Joined:
    Oct 11, 2010
    Messages:
    8
    Anyone?
     
  3. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,965
    There are ways to do this. It depends on how you want to approach your solution.

    Full disclosure. I am not a fan of third party VPN services especially in business situations.

    You have a couple of options off the top of my head. First would be to get a router/firewall which supports either VLAN tagging or has multiple physical router interfaces. The ACL rules would be set up to prevent routing between your private subnets but allow internet access. You would then put in a VPN concentrator on the new subnet and then set up the appropriate port forward rules on the main router/firewall.

    The second option is to use a VPN router/firewall with multiple physical router interfaces or support for VLAN tagging. A device like this is a Cisco ASA firewall. I have personally configured two Cisco firewalls in this type of configuration. One was on a former company's PIX 515E and the other on my own personal ASA 5505. In the case of my 5505 configuration, it's a little different than what you are looking to accomplish, but the basic design is the same. I have a special wireless segment on my home network which only has PCs I use personally on it. I allow a VPN connection to my high security wired segment. The other subnets on my ASA are for DMZ/wireless, printer, and NMS. Some subnets are allowed to talk to others and denied to the remainder.
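
Added example, not part of any post in this thread: a small Python model of the first-match ACL design described in the reply above, used to check that the two private subnets cannot reach each other while both still reach the internet, and to flag deny rules that a misordered rule list would silently disable. The subnets, addresses and names (`OFFICE_NET`, `VPN_NET`, `Rule`, `decide`, `shadowed_denies`) are constructed assumptions, not a real device's configuration or syntax.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan (assumption, not taken from the thread).
OFFICE_NET = ipaddress.ip_network("192.168.10.0/24")  # existing file server + clients
VPN_NET = ipaddress.ip_network("192.168.20.0/24")     # new VPN server segment
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    action: str                    # "permit" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network

# Ordered ACL: the first matching rule wins; anything unmatched is denied.
ACL = [
    Rule("deny", OFFICE_NET, VPN_NET),    # office segment cannot reach the VPN segment
    Rule("deny", VPN_NET, OFFICE_NET),    # VPN users cannot discover the file server
    Rule("permit", OFFICE_NET, ANY),      # internet access for the office
    Rule("permit", VPN_NET, ANY),         # internet access for the VPN segment
]

def decide(acl, src, dst):
    """Return the action a first-match ACL applies to a src -> dst packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in acl:
        if s in rule.src and d in rule.dst:
            return rule.action
    return "deny"  # implicit deny at the end of the list

def shadowed_denies(acl):
    """Return deny rules that never fire because an earlier permit covers them."""
    dead = []
    for i, rule in enumerate(acl):
        if rule.action != "deny":
            continue
        for earlier in acl[:i]:
            if (earlier.action == "permit"
                    and rule.src.subnet_of(earlier.src)
                    and rule.dst.subnet_of(earlier.dst)):
                dead.append(rule)
                break
    return dead
```

Running `shadowed_denies` on a rule list before it is loaded catches the common mistake of placing the broad internet permit above the inter-subnet denies, which leaves the isolation rules in the configuration but never evaluated.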
     