On Thursday 13 June 2002 16:24, Allan Crooks wrote:
> Now I want to setup a LEAF box that would act as a router, but for
> certain traffic (going to a particular IP address), it would use
> IPSEC. But I need it to forward all traffic to the router (which is
> the main gateway).
>
> So essentially, I just have one ethernet card in my proposed LEAF
> box... is this doable?
I doubt it. Basically what you want is a VPN gateway w/o firewalling
if I am understanding this right. The documentation for Duckling
suggests this setup (hey, no VPN service running on the firewall...
should be safer :0), and basically what you do is drop the firewall
and simply setup a simple router with IPSec tunneling setup on it.
The option to choose in the filter section of /etc/network.conf will be
"none", and you will also need to drop the ipspoofing and martian
filtering while your in there. The result is a router that runs the
IPSec tunnel and forwards all other traffic thru to the DSL router
w/o any filtering at all.
The link to the DUCKLING article is at:
http://linuxjournal.com/article.php?sid=4772
I hope this helps,
--
~Lynn Avants
aka Guitarlynn
guitarlynn at users.sourceforge.net
http://leaf.sourceforge.net
If linux isn't the answer, you've probably got the wrong question!
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
