[KLUG Members] IPTABLES and VPN support
John Pesce
pescej at sprl.db.erau.edu
Wed Apr 12 15:25:04 EDT 2006
On Wed, 2006-04-12 at 14:45 -0400, bill wrote:
> On Wed, 2006-04-12 at 13:57, Adam Tauno Williams wrote:
>
> > > So I would need a firwall between my
> > > VPN server and my boxes that provide the stream.
> >
> > Yep.
>
> Can you explain that one? It sounds like you are saying you need two
> firewalls on your LAN. One between your network and the internet, the
> other between your VPN server and your network.
Maybe, I'm trying to figure this out. I want to get data FROM BoxB
(probably in a DMZ) TO BoxA.
Which is more secure?
This is complicated because we want BoxB to be really be two redundant
servers for fail over. i.e. When BoxA looses connection to BoxB1 it will
then connect to BoxB2. To accomplish this I think I need Option1.
I don't see how Option 2 would work with failover.
Option 1:
----- VPN server---FW---BoxB
/
/
BoxA---VPNclient---FW---Internet---FW----MyLAN
Option 2:
----- VPNclient---FW---BoxB
/
/
BoxA---FW--VPNserver--Internet---FW----MyLAN
More information about the Members
mailing list