Posted by Jaz on November 2, 2006, 2:47 pm
Hi all,

When placing a VPN router/server inside a firewalled network, I assume it will be fine to just attach one LAN-side port to the local LAN, and not have a connection to the VPN router's WAN port. Yes?

My firewall router is a Linksys WRT54G v3.0 running HyperWRT v15c. I'm using this setup because I need lots of ports forwarded (more than what's available with the standard firmware), and I need to be able to forward GRE using iptables. And I'd like to keep the firewall separate from the VPN endpoint.

For the VPN endpoint I'll be using a Netscreen, Netgear, D-Link, or Linksys. The client will be an XP laptop running a client that's IPsec -- either the VPN device's proprietary client or TheGreenBow, etc.

Alternately, I could move the WRT54G to the inside and use it as just a wireless access point, but I'd need to port-forward 30+ ports. (Usually soho routers only allow 10 or so.)

I've had trouble setting up various software VPN servers:

A) XP host inside private network listening for VPN connections:
-- I forwarded necessary ports, plus used iptables to be sure the GRE is forwarded.
-- Got 721 error. Tried & tried & tried. No joy.

B) OpenVPN running on same XP box:
-- Bridged network and Tapi interfaces.
-- On laptop, worked okay, but soon stopped.
-- Note, when switching from Ethernet to Wireless must delete bridge, recreate & rename bridge on new interface. PITA.

So, what's the popular physical arrangement for a soho VPN box inside the firewalled home LAN?

Thanks in advance.

vpn endpoint inside firewall