[RLUG] IPSec using OpenSwan... with intermediate vpn-passthrough firewalls on both sides
Brian Morris
bmorris at cyberarmor.net
Tue Nov 14 07:39:27 PST 2006
Anna,
In a normal and RFC-supported configuration the two firewalls *are* the
end points. You would establish the tunnel between those two firewalls.
Afterwards, if you need to limit use of this tunnel to specific hosts
you can create ACLs on each side to lock it down and then pinhole it.
Brian
Anna wrote:
> Hi.
>
> Today I'm working on setting up a VPN between two hosts... both on
> NAT'd firewall protected networks. The firewalls are not Linux based,
> but they both have VPN Passthrough support. (both PPTP and IPSec.)
>
> It looks like setting up a basic IPSec tunnel between two hosts on the
> same network is pretty easy. Setting up a tunnel where one side is
> protected by a NATing firewall looks doable. I have not found anything
> about setting up a tunnel with two NATing firewalls between the two
> tunnel endpoints though. Does anyone here know anything about such a
> setup? Or, do you know of a reference I might be able to make use of?
>
> Thanks,
>
> - Anna