Mark J Hewitt wrote:
>Not sure about nice, but let's try this very simplified picture:
>
>Laptop (SSL VPN Endpoint)
>  |
>  +-----------+---------- (Home LAN)
>              |
>              Firewall (Shorewall, DNAT config)
>              |
>              Big Bad Internet
>              |
>              Office VPN Endpoint
>              |
>-----+---+---+---+---+----- (Office LAN)
>      |
>      My Server
>
>
>So I have a listener on the Laptop.
>There is a server process on My Server that wants to connect to that
>listener.
>When the Laptop connects, it is given a DHCP allocated IP etc.
>
>So my question is - How do I make the port(s) on which the laptop is
>listening accessible to the process on My Server?

So your laptop builds a VPN tunnel to the office network, and gets an
address from the office? This is how I believe it normally works.

If this is the case then you do nothing in Shorewall as it takes no 
part in managing traffic across the VPN (it only has to pass the 
encrypted packets). The server simply connects to the OFFICE IP 
address given to the client by the office VPN gateway and the VPN 
system will take care of passing them along to the laptop.

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users