I need a managed allocation of some ports and destination-IPs.
The existing public network (a /28) is as follows:
3x2mbit----->ISP-router------>switch------->5 firewalls (4 companies).
Now I want to build the following:
3x2mbit----->ISP-router---m0n0--->switch-----> 5 firewalls.
The m0n0wall must run as a bridge, because I only have access to three
existing firewalls and there are some VPNs and public servers and I hate
Outgoing pipes with high priority are:
https to 4 IPs
20 site to site IPsec-VPNs to static and dynamic IPs
Outgoing with medium priority is:
SMTP from two mailservers
client IPsec-VPN and Cisco VPN-Client
Outgoing with low priority is:
http, https to other, ftp, time, ssh, telnet, VNC
Incoming with high priority is:
SMTP(S),IMAPS,POPS,HTTPS to the mailservers
Incoming low priority is:
ftp to a mail/webserver.
The "rules" for the incoming traffic are not completed by me; I have to
check the possibilities, because a "SMTP-storm" to one of the
mailservers may not break the traffic to the other mailserver or the VPNs.
Has someone already done a similar configuration and can give me some hints?
I am expecting the most problems with the VPNs.
Every idea, hint etc. is welcome.