|
|
Hello again, I understand your point about not really gaining anything by my proposed idea. If I setup a gateway machine behind the router, no firewall on the gateway machine, that is also running the openVPN software any employees who hook up wirelessly to the network will not go through the gateway and therefore not have proper access to the VPN. I am however still very curious about the gateway idea, so long as it is possible to have connected to the network behind the hardware router. I am far from giving up on the this project John, and I am positive I will get a working solution soon Thank you for all your help and suggestions Michael Kelly >>> John Locke <mail@xxxxxxxxxxxx> 02/04/2004 10:21:13 am >>> On Fri, 2004-04-02 at 10:53, Michael Kelly wrote: > Just had a thought. > Would it be at all helpful or ease the setup if I built a box for each > end that was a Linux system running both as a firewall and a VPN gateway > and all traffic coming into and out of both offices would travel through > this machine. Essentially I would allow the hardware router to do what > it is supposed to do, forward ports, block unwanted exterior traffic, > etc...., but when it came to the VPN stuff, the Linux Firewall/VPN > gateway would do all that work. It could also protect us against > unwanted outgoing information from any unknown viruses or spyware. > Well, you gain a lot of flexibility by using a Linux firewall/router. But I'm not sure you ease any of the challenges, and in this case, I don't see what you would gain. If you make the default gateway for your network the same machine as the VPN gateway, you don't have to configure routes back to the tunnel--but if it's also running a firewall, you spend a similar amount of time configuring the firewall rules to allow the traffic through the tunnel... > Do you think this could be a viable solution to the challenges I am > facing with setting up a VPN system with openVPN? > Believe me, the challenges of OpenVPN pale in comparison to IPSec! VPNs in general require a fairly good understanding of networking principles. With that understanding, OpenVPN is great because it's so simple to administer and use. Setting up these routes is really not hard at all, as long as your firewall/router supports it! Cheers, -- John Locke Open Source solutions for small business problems http://freelock.com ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |