[ previous ] [ next ] [ threads ]
 From:  Henning Petersen Wangerin <m0n0wall at hpc dot dk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Multible internal VPN-links and more ;-)
 Date:  Sat, 05 Jun 2004 22:49:01 +0200

I have a tricky network setup at a customer.

Four wired LANs, One with a dlink DWL900AP+ setup as accesspoint, and
three dlink DWL900AP+ setup as wireless clients.

Now they want to segment the LAN, at ensure security for a part of the
users, but they are spread out on one of the "remote" segments, and a
part of the "central" segment, but not all. Internet-access is
available at the same location as the central accesspoint.

My idea:

1) Place a monowall at the central accesspoint

2) Place an additional monowall on right after the accesspoint on the
"remote" segment.

3) Luckily the "unsecure" pcs on the central segment is located
closely together, so it might also be posible to split the central
segment into two by a monowall.

My questions:
1) Would it be possible to setup vpn-tunnels through a "secure zone"
(#3) to the central monowall (#1) for internet-access and acces the
unsecured segments on of the wlan, without the possibility to access
the pc´s on the link?

2) Make the vpn-connection from the secure remote segment (#2) to the
central monowall, to access the secure part of the central segment?

3) This involve 2 (or more) seperate "vpn-segments" would that be
possible at the same time and on the same central monowall?

4) Is it possible to add a Wifi-card to the central monowall, and let
that act as accesspoint, to allow trafic-shaping over the wlan? The
virtual vpn-lan should have 1st priority.

5) More qustions is likely to come ;-)

Venlig hilsen / Best regards
	Henning Wangerin
        Skoletoften 9, Blans   
        DK - 6400 Soenderborg
        Tlf. 36948694 via www.musimi.dk - VoIP til det danske folk