CommIT VPC DNS and VPN Setup

Installation 

yum install -y --enablerepo=epel openswan xl2tpd bind


Configure /etc/named.conf and the zone file /var/named/masters/commonidtrust.org (see examples attached).  Configure xl2tpd and Openswan.

chkconfig named on

chkconfig ipsec on

chkconfig xl2tpd on

Recursion is disabled and rate limiting is set at 5 per second.  Since there are a total of 3 records, this is basically impossible to use in any form of attack, ever, and it's in a personal account anyway.
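
One way to check the two settings described above against a named.conf, as an added example that is not part of the original page or its attachments. It assumes "rate limiting" refers to BIND's `rate-limit { responses-per-second N; };` option; the function names and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): audit a named.conf for the two
# settings described above. Assumption: "rate limiting" means BIND response
# rate limiting, i.e. rate-limit { responses-per-second N; }; in options.

# Drop single-line /* */, // and # comments so commented-out settings are
# not counted, then join lines so multi-line blocks can be matched.
strip_comments() {
    sed -e 's:/\*.*\*/::g' -e 's://.*$::' -e 's:#.*$::' "$1" | tr '\n' ' '
}

# audit_named_conf FILE EXPECTED_RPS
# Returns 0 if both settings hold, 1 if not, 2 if FILE cannot be read.
audit_named_conf() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    conf=$(strip_comments "$1")
    rc=0
    # BIND defaults to "recursion yes", so it must be switched off explicitly.
    if printf '%s\n' "$conf" | grep -Eq '(^|[[:space:];{])recursion[[:space:]]+no[[:space:]]*;'; then
        echo "OK   recursion no"
    else
        echo "FAIL recursion not explicitly disabled"; rc=1
    fi
    rps=$(printf '%s\n' "$conf" | sed -n \
        's/.*rate-limit[[:space:]]*{[^}]*responses-per-second[[:space:]]\{1,\}\([0-9]\{1,\}\)[[:space:]]*;.*/\1/p')
    if [ "$rps" = "$2" ]; then
        echo "OK   responses-per-second $rps"
    else
        echo "FAIL responses-per-second is '${rps:-unset}', expected $2"; rc=1
    fi
    return $rc
}

# Constructed sample config, not the attachment referenced on this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options {
    directory "/var/named";
    // recursion yes;
    recursion no;
    rate-limit {
        responses-per-second 5;
    };
};
zone "commonidtrust.org" { type master; file "masters/commonidtrust.org"; };
EOF
audit_named_conf "$sample" 5
rm -f "$sample"
```

On the server, run `audit_named_conf /etc/named.conf 5` to check the live configuration against the values stated above.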

Logging

named logs to /var/log/messages

Start/Stop Commands

/etc/init.d/named start

/etc/init.d/named stop

This is configured to serve up the A and/or CNAME records for account.commonidtrust.org, helpdesk.commonidtrust.org, and login.commonidtrust.org for the specific VPC environment. 

VPN Docs:

pretty much just stole http://www.stormacq.com/build-a-private-vpn-server-on-amazons-ec2/
