From: Bernhard Thoni (stegbthmailing_at_tronicplanet.de)
Date: Fri Oct 18 2002 - 15:19:16 CEST
hello everybody,
we are thinking about the following layout, and which elegant ways there
are to implement it, so that the roadwarrior can access the subnet behind
the ipsec-gw AND also access the webserver on the same machine;
RoadWarrior ---------- ----- --------Freeswan-GW---LAN(192.168.0.x/24)
(win / linux) +Webserver
(2 official ip's)
on one of the official ip's there is freeswan running, on the other is
the webserver listening;
so when the tunnel between rw and ipsec-gw is up, and the rw wants to
access the webserver, all webserver-request-traffic from the rw is sent
back in the tunnel for the rw from the ipsec-gw;
one solution in our opinion could be, to mark the
rw-webserver-request-packets on the firewall, and then work with
tc/iproute, to bring packets back to the client;
but this seems a little bit complex at the moment;
would it be possible to work with virtual-ips on the the roadwarrior to
solve the above problem?
any other ideas?
thanx in advance,
greetings,
bernie
-- _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sat Oct 19 2002 - 05:20:27 CEST