[ previous ] [ next ] [ threads ]
 
 From:  "Ronni Jorgensen" <rhj underscore mail at rhj dot dk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Enterprise m0n0wall firewall solution??
 Date:  Fri, 12 Dec 2003 18:39:59 +0100
Hello, everybody!

First of all, my english is't so well!!

I love the m0n0wall! It's easy to use and mange!!! I have used it for my
home network and et works great!



I am a system admin for a large network and we want a new firewall, but have
som questiens about VPN and the m0n0wall.
Before you read longer, plz see the 2 drawings i have made of the network.
(furture plans?)
http://www.rhj.dk/temp/draw1.gif and http://www.rhj.dk/temp/draw2.gif

The DMZ network and so on is working just fine (with NAT between the 2
m0n0walls) - But the questien is VPN!!!
I have almost 20 users with a laptop (windows XP), and 4 locations with
m0n0wall as firewall. The 4 location is using Ipsec as VPN to the "outside
FW ind the headqurter" but I want to give them access to the hole inside
lan, not the lan between the 2 m0n0walls. But how? I am thinking about
opening ipsec at the outside m0n0wall and allow ipsec to the indside
m0n0wall - but how?? And what about NAT between the FWs??

And the same with my remote users, they want to access the inside lan, but
they uses dial up network - and have a dynamic IP. The machins is running
windows XP with a SSH sentinel client (ipsec client for windows) but how do
I setup the m0n0wall to access connections of a dynamic IP??

And at last, is it a good idear with a IDS server on the LAN between the 2
m0n0walls ??

~ Ronni Jorgensen