[ previous ] [ next ] [ threads ]
 
 From:  Christoph Hanle <christoph dot hanle at leinpfad dot de>
 To:  m0n0wall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Weird setup
 Date:  Thu, 16 Aug 2007 17:52:41 +0200 
Mike wrote:
> I happily run m0n0 boxes in a multiple site to site VPN. However, at
> one site, the need now has arisen to implement a form of transparent
> proxy for caching purposes, net filtering, and a few other features
> that m0n0 will not handle.
[...]
> Essentially IPcop does not need to act as a firewall, it has to pass
> the IPsec traffic through to the m0n0 box. It only needs to act as a
> proxy. Should I just ditch the m0n0 in favor of IPcop? Hate to do it.
> Hopefully someone has dealt with something similar.
>
> Mike
Hi Mike,
two other suggestions:
1. take a look at untangle as bridge  ( http://www.untangle.com ), i
have no experience with it.
or
2. take a look at the endian firewall http://www.endian.it ( a fork of
ipcop) , which can be implemented as a 1NIC-proxy and take it into a
DMZ, but it depends on the services you want to proxy and it is not a
transparent proxy. This i have running in the DMZ of a M0n0wall secured
network for FTP,HTTP(S) and DNS. The implementation into another network
with additional SMTP is in the early stage.

bye
Christoph