Wednesday, May 27, 2009

Setting up your own VPN Client and Server

Here the the configs and way to set up your own VPN server and client

Download a VPN client from cisco web site and have the setup something similar to the below one

Laptop/PC--------Cisco Router
X Y

Suppose pc is having X ip address and router's ip address is Y.

!----Put AAA here i'm putting local authentication we can do otherwise aswell-----
aaa new-model
aaa authentication login userauthen local
aaa authorization network groupauthor local
username dujoshi password 0 lab

!------dujoshi will be the username and password for remote user.

!−−− Create an Internet Security Association and
!−−− Key Management Protocol (ISAKMP) policy for Phase 1 negotiations.
crypto isakmp policy 3
encr 3des
authentication pre−share
group 2

crypto isakmp client configuration group 3000client
key cisco123
dns x.x.x.x (IP address should be the same as the connected interface of router, Y in our case)
domain cisco.com
pool ippool

crypto ipsec transform−set myset esp−3des esp−sha−hmac
!
!−−− Create a dynamic map and
!−−− apply the transform set that was created above.
crypto dynamic−map dynmap 10
set transform−set myset
!
!−−− Create the actual crypto map,
!−−− and apply the aaa lists that were created earlier.
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec−isakmp dynamic dynmap

!−−− Create a pool of addresses to be assigned to the VPN Clients.
ip local pool ippool 14.1.1.100 14.1.1.200

int
crypto map clientmap
!

Now in your VPN-Client put the following

GW the ip address of your router interface (our case it's Y)
in group access information put
NAME: 300Client
PASSWORD: cisco123


Way of working in Deployment :-
==================================

Initially you'll be connected to the router using a static/dynamic ip given by your service provider to you.
say

(PC)-------(SP-ROUTER)----Internet-----(CiscoVPNServer)

Now in the above case you are free to use internet via Service Provider(SP router).
now when you want to connect to the CiscoVPNServer you will start your vncClient on your pc and you'll try to connect to the VPN.
The password prompt you'll put Your name and password.
once the authentication is done, there will be a tunnel from PC to CiscoVPNServer, and now everypacket will go via this IPSEC tunnel, now your PC would be having two IP's one VPN-IP which CiscoVPNServer has given to you.

Now everything from your PC will go to CiscoRouter and in encrypted format, and even the internet browsing will be done via Cisco Network.

Will talk more about IPSEC and VPN in other posts.

this is the simplest way to try VPN-Client and Server.
Posted by at No comments:

Monday, May 11, 2009

hands with RTP streaming.

1- We can run the normal way putting the video/audio file in a player and play it on our html page.

[root@mrbu-devtest html]# ls
a.html index.html synchronizeddance.wmv
[root@mrbu-devtest html]#
[root@mrbu-devtest html]#
{[root@mrbu-devtest html]# cat a.html

<br />

This is our new web server . Happy Innovation Day !!!

classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" >




autoplay="true"
controller="true">




[root@mrbu-devtest html]# }
Posted by at No comments:

Wednesday, May 6, 2009

Installing webserver on linux.

1- Check if httpd is running on the box or not

[root@mrbu-devtest html]# netstat -tunlp | grep 80
tcp 0 0 0.0.0.0:5801 0.0.0.0:* LISTEN 7042/Xvnc
tcp 0 0 0.0.0.0:5802 0.0.0.0:* LISTEN 28998/Xvnc
tcp 0 0 0.0.0.0:5803 0.0.0.0:* LISTEN 29895/Xvnc
tcp 0 0 0.0.0.0:5804 0.0.0.0:* LISTEN 1446/Xvnc
tcp 0 0 0.0.0.0:5805 0.0.0.0:* LISTEN 1572/Xvnc
tcp 0 0 0.0.0.0:5807 0.0.0.0:* LISTEN 28971/Xvnc
tcp 0 0 0.0.0.0:5808 0.0.0.0:* LISTEN 29093/Xvnc
tcp 0 0 0.0.0.0:5809 0.0.0.0:* LISTEN 6434/Xvnc
tcp 0 0 127.0.0.1:6012 0.0.0.0:* LISTEN 28075/31
tcp 0 0 :::80 :::* LISTEN 20792/httpd
tcp 0 0 ::1:6012 :::* LISTEN 28075/31
[root@mrbu-devtest html]#

the httpd will not be there if the server is not running.

2- if suppose httpd is coming we can check if this service is running or not.

[root@mrbu-devtest ~]# /sbin/service httpd start
httpd: unrecognized service
[root@mrbu-devtest ~]#

Unrecognized service will come if httpd is not installed.
else the output will come like this

[root@mrbu-devtest ~]# /sbin/service httpd start
Starting httpd: [ OK ]
[root@mrbu-devtest ~]#

3- Let's install the server on linux.
if you've connectivity to internet just do this

[root@mrbu-devtest ~]# uname -a
Linux mrbu-devtest 2.6.9-42.7.ELsmp #1 SMP Tue Sep 5 18:29:39 EDT 2006 i686 i686
i386 GNU/Linux
[root@mrbu-devtest ~]#
[root@mrbu-devtest ~]# yum install httpd
Setting up Install Process
Setting up repositories
emergency-install 100% |=========================| 1.1 kB 00:00
psec-tools 100% |=========================| 951 B 00:00
engineering-install 100% |=========================| 1.1 kB 00:00
engineering-update 100% |=========================| 1.1 kB 00:00
desktop-install 100% |=========================| 1.1 kB 00:00
base 100% |=========================| 1.1 kB 00:00
desktop-update 100% |=========================| 1.1 kB 00:00
cisco-linux-common 100% |=========================| 1.1 kB 00:00
emergency-update 100% |=========================| 1.1 kB 00:00
cisco-linux-desktop 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
...
...
...
once this is done.
now we have to start the webservice
[root@mrbu-devtest ~]# /sbin/service httpd start
Starting httpd: [ OK ]
[root@mrbu-devtest ~]#

4- Add or edit a WebPage.

[root@mrbu-devtest httpd]# cd /var/www/html/
[root@mrbu-devtest html]# ls
[root@mrbu-devtest html]# vi index.html
[root@mrbu-devtest html]#
[root@mrbu-devtest html]# cat index.html
!!!Woo it's working !!!
[root@mrbu-devtest html]#
<br />


Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)