[ previous ] [ next ] [ threads ]
 From:  "Chris Schafer" <chris at techpartnersmaui dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Securiing ip Sec tunnel from some users on site
 Date:  Thu, 14 Sep 2006 08:51:37 -1000
I would like to know if this is a reasonable security plan for remote
office workers...


I am using M0n0walls to do ipSec tunnels.  But I would like the users to
be able to have other systems at the sites with internet access.  


So I am thinking I will have three networks on the end point systems.



LAN1 corporate lan

LAN2 everything else


I will leave the end point for the ipsec tunnel on LAN1 and then have a
firewall rule blocking LAN1<->LAN2 traffic.


Will this do what I want?  Any other issues?


Thanks Chris