|
||||||||
Hello, everybody! First of all, my english is't so well!! I love the m0n0wall! It's easy to use and mange!!! I have used it for my home network and et works great! …..But can the m0n0wall be used to som bigger solutions ?? I am a system admin for a large network and we want a new firewall, but have som questiens about VPN and the m0n0wall. Before you read longer, plz see the 2 drawings i have made of the network. (furture plans?) http://www.rhj.dk/temp/draw1.gif and http://www.rhj.dk/temp/draw2.gif The DMZ network and so on is working just fine (with NAT between the 2 m0n0walls) - But the questien is VPN!!! I have almost 20 users with a laptop (windows XP), and 4 locations with m0n0wall as firewall. The 4 location is using Ipsec as VPN to the "outside FW ind the headqurter" but I want to give them access to the hole inside lan, not the lan between the 2 m0n0walls. But how? I am thinking about opening ipsec at the outside m0n0wall and allow ipsec to the indside m0n0wall - but how?? And what about NAT between the FWs?? And the same with my remote users, they want to access the inside lan, but they uses dial up network - and have a dynamic IP. The machins is running windows XP with a SSH sentinel client (ipsec client for windows) but how do I setup the m0n0wall to access connections of a dynamic IP?? And at last, is it a good idear with a IDS server on the LAN between the 2 m0n0walls ?? ~ Ronni Jorgensen |