First of all, my english is't so well!!
I love the m0n0wall! It's easy to use and mange!!! I have used it for my
home network and et works great!
…..But can the m0n0wall be used to som bigger solutions ??
I am a system admin for a large network and we want a new firewall, but have
som questiens about VPN and the m0n0wall.
Before you read longer, plz see the 2 drawings i have made of the network.
http://www.rhj.dk/temp/draw1.gif and http://www.rhj.dk/temp/draw2.gif
The DMZ network and so on is working just fine (with NAT between the 2
m0n0walls) - But the questien is VPN!!!
I have almost 20 users with a laptop (windows XP), and 4 locations with
m0n0wall as firewall. The 4 location is using Ipsec as VPN to the "outside
FW ind the headqurter" but I want to give them access to the hole inside
lan, not the lan between the 2 m0n0walls. But how? I am thinking about
opening ipsec at the outside m0n0wall and allow ipsec to the indside
m0n0wall - but how?? And what about NAT between the FWs??
And the same with my remote users, they want to access the inside lan, but
they uses dial up network - and have a dynamic IP. The machins is running
windows XP with a SSH sentinel client (ipsec client for windows) but how do
I setup the m0n0wall to access connections of a dynamic IP??
And at last, is it a good idear with a IDS server on the LAN between the 2
~ Ronni Jorgensen