Firewall Wizards: Linux Router/Firewall/NAT/VPN?

Linux Router/Firewall/NAT/VPN?

From: Jonas Anden <dajudge_at_home.se>
Date: 05 Oct 2001 15:13:07 +0200

Hi.

  I'm looking to build a combined router/firewall/vpn solution based
on Linux 2.4.x, iptables and FreeS/WAN. Clients are on Windows 2000
Professional machines. I want the following setup:

Client
   |
Internet
   |
R/F/V
   |+--- DMZ (Public IPs)
   +---- LAN (Private IPs)

The router/firewall/VPN does NAT translation for the office LAN.

Clients should be tunneled into the office LAN segment. If they attempt
to reach DMZ addresses, that should be handled as if they were connected
locally on the office LAN.

The routing and NAT:ing I got pretty much covered; it's the IPSEC VPN
solution I'm unsure about. Is the above setup secure? (or rather, are
there any obvious messups?)

Clients have dial-up connection to local providers. I got the 2.4.10
kernel with FreeS/WAN compiled in on the FW; do I need any special
software (on the client or on the FW) to establish a VPN connection from
the client? Do I need a separate subnet for the VPN clients?

  // J

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Received on Oct 05 2001
