I have multiple virtual machines (VMware, Linux) but would like to make one the server, meaning all the clients that want to access the internet use the server's internet connection, so the server is able to view all the incoming and outgoing data packets.
Also, I would like to install another virtual machine to act as an IDS to track the server's packets; if anything is wrong, it is able to flag it.
Thanks for your help in advance
You can set up one Linux server as the gateway for the others. All you need is to create two virtual Ethernet interfaces for it, one in bridged mode and the other in virtual network mode.
One will be bridged with your actual network and act as the WAN, and the other will act as a LAN gateway for the other VMs.
So the other VMs should use your server's virtual network IP address as their main gateway, and you can use tcpdump or Wireshark or anything you like to sniff the forwarded traffic.
One thing you need to configure on the server is the IP forwarding option in sysctl, which is disabled by default:
net.ipv4.ip_forward = 1
You may find more relevant information here too.
Hope it will help you.
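One way to script the gateway described in the answer above, as an added example that is not part of the original answer. It goes slightly beyond the answer by adding source NAT and a restrictive FORWARD policy; the interface names, the 10.10.10.0/24 subnet, the sysctl.d file name and the capture path are assumptions.

```shell
#!/bin/sh
# Added example (not from the answer): print the commands that turn a
# two-NIC Linux VM into the lab gateway. Review the output, then pipe it
# to `sudo sh`. Interface names and the LAN subnet are assumptions.

gateway_plan() {
    wan=$1; lan=$2; lan_net=$3
    # Refuse obviously wrong input before emitting anything.
    if [ -z "$wan" ] || [ -z "$lan" ] || [ -z "$lan_net" ]; then
        echo "usage: gateway_plan WAN_IF LAN_IF LAN_CIDR" >&2
        return 2
    fi
    if [ "$wan" = "$lan" ]; then
        echo "WAN and LAN must be different interfaces" >&2
        return 1
    fi
    cat <<EOF
# 1. Enable routing now and persist it across reboots.
sysctl -w net.ipv4.ip_forward=1
echo 'net.ipv4.ip_forward = 1' > /etc/sysctl.d/99-gateway.conf
# 2. Forward only LAN -> WAN plus replies; drop everything else.
iptables -P FORWARD DROP
iptables -A FORWARD -i $lan -o $wan -s $lan_net -j ACCEPT
iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# 3. Source-NAT client traffic leaving through the bridged interface.
iptables -t nat -A POSTROUTING -s $lan_net -o $wan -j MASQUERADE
# 4. Capture client traffic on the LAN side for the IDS VM (runs until Ctrl-C).
tcpdump -i $lan -n -w /var/tmp/lan-capture.pcap
EOF
}

# Stand-alone use: ./gateway.sh eth0 eth1 10.10.10.0/24 | sudo sh
if [ "$#" -eq 3 ]; then
    gateway_plan "$@"
fi
```

Capturing on the LAN-side interface shows each client's own source address; on the WAN side the same traffic appears with the gateway's address after masquerading.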
Related
I have a RHEL client machine which has to get data from the RHEL server machine at the time of booting up.
The IP address of the server is known.
The gateway which has to be used by the client machine is known.
The client machine has multiple network interfaces. All may not be up at the same time or all may be connected to different networks.
I need to determine which network interface has to be used.
I know that this can be easily done using the "ping" or "traceroute".
The issue is ICMP protocol is disabled both at the client end as well as the server end.
ICMP has been disabled due to security concerns.
ICMP may be disabled at machine level or it may be disabled for the whole network.
In other words, I need to find a way to tell whether two IPs can communicate when ICMP is disabled.
Also, I have to use this result in my script, which I am writing in bash, to set the network of the client machine.
What is the best possible way to achieve this?
You can ping the IP with ARP; try using the arping command.
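A sketch of how the arping suggestion could be used from a boot script to pick the interface, as an added example that is not part of the original answer. It assumes the iputils arping shipped with RHEL, root privileges, and that the known gateway sits on the same layer-2 segment as the client (ARP does not cross routers); the function names and the SYSNET override are hypothetical.

```shell
#!/bin/sh
# Added example: find the interface from which the gateway answers ARP,
# without relying on ICMP.

# Print every non-loopback interface whose link state is "up".
# SYSNET can point at a fake sysfs tree for offline testing.
list_up_ifaces() {
    sysnet=${SYSNET:-/sys/class/net}
    for d in "$sysnet"/*; do
        name=${d##*/}
        if [ "$name" != lo ] && [ -r "$d/operstate" ] &&
           [ "$(cat "$d/operstate")" = up ]; then
            echo "$name"
        fi
    done
    return 0
}

# Probe one interface: two ARP requests, 3 second deadline.
# iputils arping exits 0 only if a reply was received.
probe() {   # $1 = interface, $2 = gateway IP
    arping -q -c 2 -w 3 -I "$1" "$2" >/dev/null 2>&1
}

# Print the first up interface that reaches the gateway; return 1 if none.
find_iface() {
    gw=$1
    for ifc in $(list_up_ifaces); do
        if probe "$ifc" "$gw"; then
            echo "$ifc"
            return 0
        fi
    done
    return 1
}

# Stand-alone use: ./find-iface.sh GATEWAY_IP
if [ "$#" -eq 1 ]; then
    find_iface "$1" || { echo "no interface reaches $1" >&2; exit 1; }
fi
```

An ARP reply proves only that the gateway is on that link; whether the server's service port is open still has to be checked with a TCP connection attempt.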
I have set up a number of services on my home network (two security system DVRs and IIS on my Windows 7 machine).
All of these devices are behind two routers and have static IPs. I have configured port forwarding on both routers so that everything is accessible via my public IP address. When querying my public IP address from a machine outside of my local network, everything is 100% accessible and working as expected. However, when querying my public IP from a machine or device on my local network, the requests just time out with nothing served. The only way I can access these resources from a machine on my local network is by querying them by their local IP address.
To explain more clearly (using example IPs):
My Windows 7 machine (which has IIS setup, accessible over port 80) has a local IP of 192.168.1.100
My first security system DVR has a local IP of 192.168.1.101 and is accessible over port 5000
My second security system DVR has a local IP of 192.168.1.102 and is accessible over port 5001
My public (static) IP address is 222.222.222.222
When I am outside of my local network and I open http://222.222.222.222/ in my browser, my Windows 7 IIS website appears in my browser. When I am outside of my local network and I open http://222.222.222.222:5000/ in my browser, my first security system appears in my browser. Lastly, when I am outside of my local network and I open http://222.222.222.222:5001/ in my browser, my second security system appears in my browser.
However, when I am on my local network, I am unable to load any of these devices using my external IP address. The requests just time out with nothing loaded. When I am on my local network the only way I can get these to load in my browser is by browsing directly to their local IP addresses in my browser.
I'm guessing that I somehow need to either A: get my request for my public IP when on my local network be first sent outside my local network and then sent back to it through my public IP or B: somehow detect if the public IP address is being queried from a local IP and if so, serve up those resources via their local IP...however I don't know if either of those are correct, and even if they are, I don't know how I'd go about doing it.
Can anybody point me in the right direction? All the machines on my local network I'd like to access these resources from are Windows 7 machines, if that makes a difference.
Ideally, you could utilize NAT loopback if your router(s) support it. NAT Loopback Wiki
If your routers don't support NAT loopback, you may have to go with option B (better than A). Assuming you only need this functionality from one PC, you could mess with the routing tables. That would get really messy in Windows, but possible. AND you would have to track your dynamically changing external IP address somehow. I'll leave options A and B at "improbable" but I'd love for the community to prove me wrong =)
For the sake of simplicity, I will refer you to http://en.wikipedia.org/wiki/Berkeley_sockets and the UDP server and client source code there.
I am trying to send a packet using the UDP protocol to a Linux virtual machine server program. Both my host and VM ping well; all packets sent are received in both directions. However, my server program is either not receiving any packets, or it is simply not printing. Either way, it isn't printing the confirmation or contents of any packets I send to it from the host.
I do not have another PC handy, but both programs communicate well enough if I stage them on the same computer and Wireshark reports that the packets are being sent.
Mine is a three-part question: first, how can I fix this? Second, why would the host and VM receive each other's ping messages, but not pass these on to the open sockets of both ends of my UDP system? Finally, do you have any suggestions about the form or intent of this question?
EDIT: I've tried running my VM with the NAT and bridged adapter network setups. However, I can't conceptualize the relationship between those setups and my problems right now.
With NAT networking, the VM gets a private IP address (usually 192.168.x.y) and the host does NAT translation of outgoing packets, and translates reply packets back to the VM. In this mode, all communication must be initiated by the VM -- outside machines can only send packets to the VM in reply to packets the VM sent to them. On the network, the packets will look like they're coming from/going to the host on some unrelated port.
With bridged networking, the VM gets a device that connects directly to the host's network device. In this mode, the VM appears as a separate machine on the same network LAN as the host, with its own IP address. You need to allocate an IP address for it, the same as the host gets allocated an IP address (usually via DHCP).
In either case, to debug what is going on, use tcpdump/wireshark on the host to monitor the host's network device. Send packets from the VM, and you should see them in the trace -- they'll appear to come from the host and a different port in the NAT case, and will appear to come from the VM's IP address (and unchanged ports) in the bridged case.
Once you see that, you should be able to send packets back to the VM, though in the NAT case, they must come FROM the address/port the original packet(s) were sent to.
There are known issues with VirtualBox bridged networking not working properly on wifi devices; in general you can only use bridged networking with wired networks.
Oracle's VB manual page clears up all the terminology used in settings.
I've had a similar problem, where my VB program didn't receive any packets, which I solved by setting "Bridged Networking" and setting up the proper source/destination IP address in my program by analyzing the WLAN interface with Wireshark and using ifconfig (or ipconfig) in a terminal.
Hi, I have a Huawei ADSL modem with a dynamic IP. I set up a dynamic DNS with freedns and I can easily access my virtual host on Apache from outside my private network, from the internet.
But when trying to access it from the local network, I get the modem's login page.
I have the rule in my modem's NAT to connect port 80 to my server, but it seems it doesn't work from the internal net.
My server hosting the virtual host is 192.168.0.1; the modem has the 192.168.0.254 address.
I tried to put my external domain name into the /etc/hosts file, but if I do that then asterisk server gets confused.
What could be the cause of the problem? And what would be the best solution to this problem?
Should I set up a caching DNS on the private side of the net?
Hugger is half right... It's because your router is blocking loopbacks. The easiest way around this is to edit the hosts file (see the Wiki page) on the computer that is behind the network to see the local IP of the computer as the virtual host you're going for. For example, if your server is on 192.168.0.1 and the virtual hostname is www.imrad.com, then insert
192.168.0.1 www.imrad.com
into your hosts file. If your computer leaves the local network (like a laptop you take to work) and joins a network not behind your router you need to comment out the line in the hosts file.
Well, actually, to access that you must find the local IP address of the server by going into the command line/prompt and typing ipconfig /all; then you will find the IPv4 address. Take note of that.
Go to another computer and your that ip and it will show.
The reason that was happening is because the router/modem knows you are in its network, so it will think you are trying to go to its login page. That happens to me too.
I have the following problem:
I have a Windows 2003 RAS VPN server configured with a single NIC (let's call it LAN1) behind a firewall (let's call its public address WAN1). PPTP & L2TP ports are forwarded to the server.
When a client (Windows or LINUX) in a remote network behind a firewall (LAN2) tries to connect to a PPTP VPN on the WAN1 everything goes fine.
When a second client in the same LAN2 tries to connect to the same VPN on the same WAN1 I get an error 629.
It's independent of which machine gets the first connection.
Apparently the problem is also independent of the router/firewall hardware of LAN2 (we have tested it from at least five different types of remote small router/firewalls - Linksys, Huawei, D-Link, etc.)
The firewall WAN1 listens to two internet connections. The problem is independent of which external address the clients are pointing to (even if two different workstations point to different IP addresses to attempt to establish a VPN).
Inside LAN1, there is no such limitation and multiple workstations connect just fine.
There's also no limitation from different remote LANs.
Is this a limitation of the PPTP protocol?
Thanx in advance.
From your description it sounds like the issue is at the remote end. You mention that when a second user from LAN2 attempts to reach the same VPN server at WAN1 you receive an error.
Depending on the firewall mechanism in use there can be a "limitation" that exists with regard to PPTP connection tracking and multiple VPN connections to the same server address.
Google: pptp multiple connections to same ip
Due to the way in which NAT tracks PPTP connections, specific modules need to be loaded in order to handle multiple connections to a single server.
If it's netfilter based, make sure 'nf_conntrack_pptp' and 'nf_nat_pptp' are loaded.