From: Sam Sgro (sam_at_freeswan.org)
Date: Mon Jul 29 2002 - 15:38:36 CEST
-----BEGIN PGP SIGNED MESSAGE-----
On 30 Jul 2002, Patrick Lhermie wrote:
> Is it possible to have freeswan on linux box with only one ethernet
> card. All docs refers to a firewall/freeswan combo, ie a gateway with 2
> or more ethernet cards.
> And in most cases, it also refers to a network to network VPN
> configuration.
>
> I just want to have an host to network configuration and why not, a
> separate VPN host from firewall.
>
> Something like this:
> LAN---------FW---INTERNET--------HOST somewhere (telecommuters...)
> |
> VPN
>
> If this is possible, where is VPN host ? DMZ ? LAN ?
If you are looking to have a direct host to host connection in this situation,
yes, it is possible. You don't mention NAT being involved at any point; so, as
long as you make the proper holes in your firewall for traffic to get through,
you won't have a problem. This configuration will depend on what firewall you
are using; read doc/firewall.html for a basic list of the requirements.
As for the configuration, all the examples you'll find on the list or in the
docs apply here. You just don't need to set the "left/rightsubnet" parameters.
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPUVFXkOSC4btEQUtAQGNWwQAzSuE9xFq6mzw5Can4747rBBJNH3Z4AnX
ohJSYCzFg4PkCCw1P25MLGKyxIjXeiIMM9xc6RS80r6TCRoeWcmQRpbIMVTLVq+Z
U2ApbutaLm2Y2NaCb8LzsN/3eIkPWuq3p37zNZgvLG+AWE6P2yeeoCvH0UXcE+UX
VTeXwYb7K74=
=knKy
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.4 : Mon Aug 05 2002 - 21:01:34 CEST