[ previous ] [ next ] [ threads ]
 From:  "Andrew Cotter" <andrew dot cotter at somersetcapital dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  LAN IPSEC vs OPT1 internet config
 Date:  Mon, 12 Jun 2006 11:30:10 -0400
Just as a sanity check before I head down a path... I use a two port WRAP at
home with a very simple config and have setup PPTP so I can connect
remotely.  Works wonderfully.  I want to check that a 3 port wrap board (or
comparable hardware) could be used in the following config if I deploy these
at work.

At our headquarters we have a box capable of IPSEC tunnels (watchguard).

For remote offices, primarily home offices, we are thinking of installing
M0n0 boxes that have a full time VPN.

A protected link for all LAN connected computers back to our headquarters
Headquarters <-- IPSEC VPN  via internet --> WAN <--> LAN <--> Business

As they are mostly home offices, our remote staff tend to want to use their
internet connections for personal computers as well.  With the third (OPT1)
interface, could we have their personal network or computer routed to the
internet and not over the IPSEC VPN tunnel into our network?
Internet <----> WAN <--> OPT1 <---> personal desktops

This makes total sense to me but just a check before I go out a pick a
couple of boxes to begin testing.