
List:       openbsd-newbies
Subject:    IpSec and vpn
From:       Steve <steve () videogroup ! com>
Date:       2004-01-23 20:00:02
Message-ID: 200401231500.02338.steve () videogroup ! com

Hi,

I'm trying to verify capabilities and I'm not quite sure if it's doable.

The setup is as follows (all firewalls are OpenBSD 3.4):

There's an external network which I've built a firewall for in order to vpn 
into the office network (LAN 1). The office LAN has a PF + NAT border F/W 
with a DMZ and a mail server on it. Inside that I have a PF bridge to the 
internal LAN. 

All that's needed on LAN 2 is access to a server on LAN 1. 

LAN 2 (10.0.2.0)
    |
Firewall
    .
    .
INTERNET
    .
    .
Border F/W 
    |
    -------- Mail server
    |
Bridge F/W
    |
LAN 1 (10.0.1.0)

Can I put a vpn between the Bridge F/W and the LAN 2 F/W, or does bridging 
in PF exclude that capability?

The Bridge F/W does not seem to allow ssh in from the Border, though it does 
allow outbound (with stateful inspection) replies back in just fine, so I'm 
wary as to why. The same rules that let ssh in on the Border do not work 
in on the Bridge.
-- 


____________________________________
Steve Szmidt
VP Information Technology
Video Group Distributors, Inc.
727-585-7737
_______________________________________________
openbsd-newbies mailing list
openbsd-newbies@sfobug.org
http://mailman.theapt.org/listinfo/openbsd-newbies
