0

I will be building a server based on Debian that will have several functions in a small office (5-10 users). The primary function will be as a file server, but I would like to set the office up to use only thin clients connected to this single computer. Additionally I have the requirement that users be able to log into their clients remotely over a VPN.

I know that a VPN requires two network cards, 1 to the internet and 1 to the LAN. LTSP also uses two network cards, 1 to the internet and 1 to the LAN.

For a server to do both do I need to have more than two cards? (i.e. one to the internet and two to the LAN)

LT999
  • 13
  • 2

2 Answers2

1

Theoretically no. But I highly advise against this type of setup. You need two different boxes one to handle VPN and the other to handle LTSP. This could pose a security threat otherwise. Also be sure to have a solid firewall. VPN's are useful but can be very dangerous if not properly configured. But to answer your question no you should only need 2.

leigon
  • 38
  • 6
  • Out of curiosity what is the security flaw in this beyond that of a normal VPN? – LT999 May 07 '14 at 23:13
  • 1
    @LT999 - you generally do not want to mix something like your fileserver and VPN. That provides direct access to the fileserver to exploit a weakness in the VPN to gain access to it. If you have limited resources you might be able to setup a virtualized host that then runs both of these services as separate VM's on the host. – slm May 08 '14 at 12:04
1

This is a partial answer that addresses the portion of the question about setting up a SOHO file server. For that I would check out http://www.zentyal.org/

I've been using this in home and lab environments for a few years now and love it. It's Debian based so you can add on top of it, but a heck-of-a-lot-less time consuming than building something from scratch.

It also has a built-in DHCP server with an LTSP module which currently only allows you to provision a Fat / Thin Ubuntu image, but you can go into /var/lib/tftpboot and drop your own images in.

Also on the security side, pretty good firewall and IPS built-in, probably not so for service providers, but fine for small use.

Also I should mention that I have mine running on a Single-core 2GHz Celeron with 2GB RAM, and it runs fairly smoothly.

nmon Zentyal

slm
  • 363,520
  • 117
  • 767
  • 871
tolster710
  • 29
  • 1