Archive for the tag 'virtual'

SBDavid

Virtual Private Networks (VPNs)


VPNs allow for secured digital communication between two parties (or networks), creating a Wide Area Network (WAN) from existing Local Area Networks (LANs). They differ from frame relay or ATM in their transport medium: VPNs transmit over IP using datagrams as the transport layer, making them a secure conduit through the Internet to an intended destination. Most free software VPN implementations incorporate open standard encryption methods to further mask data in transit.


Several vendors offer hardware VPN solutions, such as Cisco, Nortel, IBM, and Checkpoint. There is also a free software-based VPN solution for Linux called FreeS/Wan that utilizes a standardized IPsec (Internet Protocol Security) implementation. These VPN solutions, whether hardware- or software-based, act as specialized routers that sit between the IP connection from one office to another.

When a client transmits a packet, it sends it through the router or gateway, which then adds header information for routing and authentication called the Authentication Header (AH). The data is encrypted and enclosed with decryption and handling instructions called the Encapsulating Security Payload (ESP). The receiving VPN router strips the header information, decrypts the data, and routes it to its intended destination (either a workstation or a node on a network). In a network-to-network connection, the receiving node on the local network receives the packets decrypted and ready for processing. The encryption/decryption process in a network-to-network VPN connection is transparent to a local node.

Because they employ several layers of authentication and encryption, VPNs are a secure and effective means to connect multiple remote nodes to act as a unified Intranet.

In Usermin’s Read Mail module, how can I set users’ From addresses when my server hosts multiple virtual domains?

By default, when a user composes an email, the From field contains username@systemhostname. This can be changed by following these steps:

Login to Webmin on the same server, and enter the Usermin Configuration module.

Click on Usermin Module Configuration.

Click on Read Mail.

In the Default hostname for From: addresses field, enter the domain or hostname that you want to appear after the @ in users’ From addresses.

If you want to stop users from changing their From address (to prevent mail forging), set the Allow editing of From: address option to No.

If you have multiple virtual domains and want different users to have different domains in their From addresses, you will need to set the From: address mapping file to the name of a file that maps real email addresses to virtual domain email addresses.

This must be a text file, with each line containing:

username fromaddress

The username part of each line must be the user’s Usermin login, and the fromaddress is the new From address to assign to that user. The username can also be the user’s full email address as it currently appears, such as joe@yourserver.com.
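Because this file decides which From address each user sends with, it is worth checking before Usermin is pointed at it. The following is an added example, not part of the original post or of Usermin: it parses the `username fromaddress` format described above and flags malformed lines, From domains outside an assumed list of hosted virtual domains, and From addresses assigned to more than one user. The sample file contents, `HOSTED_DOMAINS` and the function name are constructed for illustration.

```python
import re

# Constructed sample mapping file; users and domains are made up.
SAMPLE = """\
joe joe@example.com
mary mary@example.org
bob@yourserver.com bob@example.com
alice joe@example.com
eve eve@not-hosted.test
broken-line-without-address
"""

# Assumption: the virtual domains this server actually hosts.
HOSTED_DOMAINS = {"example.com", "example.org"}

# Deliberately strict address pattern; group 1 captures the domain part.
ADDR_RE = re.compile(r"^[A-Za-z0-9._%+-]+@([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)$")


def audit_mapping(text, hosted_domains):
    """Return (mapping, problems) for a 'username fromaddress' file."""
    mapping, problems, owners = {}, [], {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields:
            continue  # blank line, nothing to check
        m = ADDR_RE.match(fields[1]) if len(fields) == 2 else None
        if len(fields) != 2:
            err = "expected exactly two fields"
        elif not m:
            err = "From address is not a valid address"
        elif m.group(1).lower() not in hosted_domains:
            err = "From domain is not hosted here"
        elif fields[0] in mapping:
            err = "duplicate username"
        elif fields[1].lower() in owners:
            # Two logins sharing one From address lets one pose as the other.
            err = f"From address already assigned to {owners[fields[1].lower()]}"
        else:
            mapping[fields[0]] = fields[1]
            owners[fields[1].lower()] = fields[0]
            continue
        problems.append((lineno, err))
    return mapping, problems


if __name__ == "__main__":
    for lineno, msg in audit_mapping(SAMPLE, HOSTED_DOMAINS)[1]:
        print(f"line {lineno}: {msg}")
```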

How can I create a Webmin user who can only configure one Apache virtual server or DNS domain?

In the Webmin Servers module, create a new user and give him access to only the Apache Webserver module.

After saving, click on Apache Webserver next to the user’s name in the list of Webmin users and use the form that appears to deny him access to everything except one selected virtual server.

Many other modules can also be configured in a similar way to restrict the access of a user to only certain DNS domains, Unix users or mail aliases.
