 From:  "Jim Wells" <jwells at networksisp dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] IPSec
 Date:  Thu, 1 Apr 2004 19:26:34 -0500
----- Original Message ----- 
From: "Curt Shaffer" <curt at chilitech dot net>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Thursday, April 01, 2004 5:15 PM
Subject: Re: [m0n0wall] IPSec


>
> Basically this is the situation:
>
> First of all thanks to Falcor for the very helpful documentation ;)
>
> Jim,
>
> I have three sites total. Each site will have a domain controller. I want
> all of the domain controllers to replicate over the VPN. I don't want to
> have the Windows boxes on the outside for obvious reasons.
> I want the monowall boxes to create the tunnel which the DCs replicate
> over. Am I misunderstanding or do the monowall boxes actually create the
> tunnels so that this is possible? The only other option that I can think
> of if not is to give the DCs external IPs and set up bridging firewalls at
> each location. I also have to replicate MSSQL over these links also.
>
> Thanks so much for the response!
>
> Curt Shaffer
> Wireless/Network Specialist
> Chilitech Internet Solutions
> 1-800-866-chili
> www.chilitech.com
>
>
<snip>

Curt,

Yes, the monowall will create the ipsec vpn tunnel once you create the
configurations. At the main DC site monowall, create 2 separate ipsec
tunnels for the remote networks. At each remote network, create an ipsec
tunnel back to the main site network. Each tunnel will have its own
separate private network block and pre-shared key. The setup is fairly
straightforward. I don't know what Falcor sent, but it sounds like it
helped in some way :) You have to specify each remote network block in
the main DC so the replication can occur in the first place. Once you
have that worked out on your diagram, let us know. The ipsec vpn tunnel
will allow the DC to communicate to the secondary DCs.

Jim Wells
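
Added example (not part of the original messages and not m0n0wall code): a Python sketch that checks a three-site address plan for the layout described in the reply above, one tunnel per remote site back to the main site, each with its own private network block and pre-shared key. The site names, subnets and dictionary field names are constructed for illustration; the output is a planning worksheet, not a m0n0wall configuration format.

```python
import ipaddress
import secrets

# Constructed sample plan: hypothetical site names and RFC 1918 LAN blocks.
SITES = {
    "main": "192.168.1.0/24",
    "remote1": "192.168.2.0/24",
    "remote2": "192.168.3.0/24",
}

def find_overlaps(sites):
    """Return sorted pairs of site names whose LAN blocks overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    names = sorted(nets)
    return [(a, b)
            for i, a in enumerate(names)
            for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

def plan_tunnels(sites, hub="main"):
    """Build both ends of each hub-to-remote tunnel with a unique PSK per tunnel."""
    overlaps = find_overlaps(sites)
    if overlaps:
        # Overlapping blocks make the remote network ambiguous at the hub.
        raise ValueError(f"overlapping network blocks: {overlaps}")
    entries = []
    for spoke in sorted(sites):
        if spoke == hub:
            continue
        psk = secrets.token_urlsafe(32)  # one random key per tunnel, never reused
        # The two ends mirror each other: local and remote blocks are swapped.
        entries.append({"configure_on": hub, "peer": spoke,
                        "local_net": sites[hub], "remote_net": sites[spoke],
                        "psk": psk})
        entries.append({"configure_on": spoke, "peer": hub,
                        "local_net": sites[spoke], "remote_net": sites[hub],
                        "psk": psk})
    return entries

if __name__ == "__main__":
    for e in plan_tunnels(SITES):
        # Keys are deliberately not printed; store them in a secrets vault.
        print(f"{e['configure_on']:8} -> {e['peer']:8} "
              f"local {e['local_net']:16} remote {e['remote_net']}")
```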