[ previous ] [ next ] [ threads ]
 
 From:  Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] VPN possibilities
 Date:  Wed, 03 Nov 2004 16:32:52 +0100 
On Wed, 2004-11-03 at 11:30, Vincent Fleuranceau wrote:

> The problem is that you won't always seat on the same 'side' of the 
> router: sometimes on the WAN side, sometimes on the LAN side...

Could that be solved by putting two extra interfaces on the router, and
forwarding vpn-trafic into a specific interface?

something like this?

WAN-->--         DMZ1 ->--+
LAN-->--  MONO            |
WLAN->--         DMZ2--<--+

all vpn-traffic from WAN/LAN/WLAN is forwarded to DMZ1 and going into
the DMZ2 interface where the vpn-software is listening?

(ok just a crasy idea)

> I don't know if it's a real problem, but I guess IPsec won't like 
> this... OpenVPN (if binding all interfaces) may work -- not tested.

Why should/would they care about how I get in? if the deamon is
listening on all interfaces i'd say it should work.

What about the nat problem?

My router is running a static IP _and_ available thru dns-lookup (though
rDNS do not give the same name)
-- 
Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk>