Adjusting settings from Ubuntu 14.04 to 22.10

Bokica

2/17/24, 7:59 AM

Recently, Ubuntu Server 14.04 in my company got broken. We used that server as default gateway, users have access to file server (Windows 2012), internet and VPN. I made connection with file server and internet but I have problem with VPN.

File /etc/network/interfaces on old server looked like this:

auto lo eth2 eth1 eth2:0 eth2:1 eth2:2
iface lo inet loopback

iface eth2 inet static
        address 192.168.101.201
        netmask 255.255.255.0
        network 192.168.101.0
        broadcast 192.168.101.255
        dns-nameservers 8.8.8.8

iface eth2:0 inet static
        address 192.168.102.201
        netmask 255.255.255.0
        broadcast 192.168.102.255
        network 192.168.102.0

iface eth1 inet static
        address 192.168.1.2
        netmask 255.255.255.0
        broadcast 192.168.1.255
        network 192.168.1.0
        gateway 192.168.1.1
        post-up iptables-restore < /etc/iptables.up.rules

iface eth2:1 inet static
        address 192.168.10.201
        netmask 255.255.255.0
        broadcast 192.168.10.255
        network 192.168.10.0

iface eth2:2 inet static
        address 10.26.97.201
        netmask 255.255.255.0
        broadcast 10.26.97.255
        network 10.26.97.0
        up route add -host 10.26.60.1 gw 10.26.97.1

On Ubuntu 22.10 I configured etc/netplan/00-installer-config.yaml like this:

network:
  ethernets:
    enp3s1:
      addresses:
       - 192.168.1.2/24
      gateway4: 192.168.1.1
      dhcp4: false
      dhcp6: false
      optional: true
      nameservers:
              addresses: [192.168.101.99]
              search: [iasu.local]
    enp2s0:
      addresses:
       - 192.168.101.201/24
       - 192.168.102.201/24
      dhcp4: false
      optional: true
      nameservers:
          search: [iasu.local]
          addresses:
          - 192.168.101.99
          - 8.8.8.8
version: 2

File /etc/iptables/rules.v4 looks like this:

# Generated by iptables-save v1.8.7 on Tue Feb 14 14:41:10 2023
*mangle
:PREROUTING ACCEPT [56475:51506045]
:INPUT ACCEPT [1684:158193]
:FORWARD ACCEPT [54586:51318730]
:OUTPUT ACCEPT [1564:201453]
:POSTROUTING ACCEPT [56327:51546519]
COMMIT
# Completed on Tue Feb 14 14:41:10 2023
# Generated by iptables-save v1.8.7 on Tue Feb 14 14:41:10 2023
*filter
:INPUT ACCEPT [1684:158193]
:FORWARD ACCEPT [54586:51318730]
:OUTPUT ACCEPT [1545:199261]
COMMIT
# Completed on Tue Feb 14 14:41:10 2023
# Generated by iptables-save v1.8.7 on Tue Feb 14 14:41:10 2023
*nat
:PREROUTING ACCEPT [820:100362]
:INPUT ACCEPT [38:4630]
:OUTPUT ACCEPT [75:9186]
:POSTROUTING ACCEPT [83:9602]
-A POSTROUTING -s 192.168.101.0/24 -o enp3s1 -j MASQUERADE
-A POSTROUTING -s 192.168.102.0/24 -o enp3s1 -j MASQUERADE
COMMIT
# Completed on Tue Feb 14 14:41:10 2023

To access web site using VPN I have to enter these parameters in TCP/IP settings VPN settings on my Windows computer, then in web browser I have to type http://10.26.60.1/arhiv to access website VPN web site.

I have to allow access to all users to file server, internet and VPN web application on Ubuntu 22.10.

Default gateway on all computers is 192.168.101.201 or 192.168.102.201.

104

0 + 6

vpn

file-server

14.04

netplan

22.10

Artur Meinild

2/17/24, 8:10 AM

Just a quick tip: If you're using Ubuntu as default gateway, make sure it has the latest security patches. Tip, pt. 2: Ubuntu 14.04 didn't have any security patches since 2019. Tip, pt. 3: Therefore, you should have switched to a newer version around 2018, to have time for the transition.

David

2/17/24, 8:11 AM

Why 22.10? You picked a version that only has a 9 month support cycle. A better choice would have been 22.04 with a 5 year cycle.

Artur Meinild

2/17/24, 8:11 AM

Agree with @David - always use LTS for these applications.. ^^

Bokica

2/17/24, 9:40 AM

Thank you for your advice but I need help with configuration of new server. How to enable access via VPN with parameters above.

slangasek

2/17/24, 5:46 PM

You do not explain what is not working. Your Windows connection settings show you using a gateway address that is not on this Ubuntu server, and your VPN is not on the Ubuntu server. So it is unclear at what point your VPN connection is failing or why this would be impacted by the Ubuntu server.

Bokica

2/17/24, 7:10 PM

If I enter parameters in TCP/IP settings on my Windows machine, as shown on picture, I can access VPN but I cannot access internet and fileserver. All machines are on 192.168.101.xx network so I have to configure Ubuntu so that when Windows machines are configured as they are with 192.168.101.xx, subnet 255.255.255.0, default gateway 192.168.101.201, primary DNS 192.168.101.99 and 192.168.1.1 they can access website 10.26.60.1/arhiv

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Adjusting settings from Ubuntu 14.04 to 22.10

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.