On Wed, Oct 03, 2007 at 09:30:53PM +0000, Dominique Claver KOUAME wrote: > Thanks for your reply, > Now I have three sites (A,B,C) with an Internet access on each site. The > different sites communicate via vpn in Internet cloud. And we want to > install on each site a firewall with shorewall. This shorewall will hand the > communication with the others sites via Internet but in the new > configuration, we must have vpn with ipsec between them. > The actually diagram is : > site-A to site-B vpn via Internet without encryption. > site-A to site-C vpn via Internet without encryption. > site-B to site-C vpn via Internet without encryption. > > My board request a new solution with firewall and IPSEC vpn for encryption > according to the actual diagram like this > > site-A[fw] to [fw]site-B - VPN + IPsec > site-A[fw] to [fw]site-C - VPN + IPsec > site-B[fw] to [fw]site-C - VPN + IPsec > > Help me to install the best solution to do it. > > Thanks more for your assistance > You are still not providing any real detail above what was in your original post. Start by reading this:
http://www.shorewall.net/IPSEC-2.6.html Then, figure out what you want to accomplish. That is, do you want all traffic to be routed via the VPN and then provide proxies (like squid or whatever) for the protocols which will require external access. Or rather, do you want only traffic destined for IP addresses at the various sites to traverse the VPN and other traffic to have direct access to the Internet in the clear? You need to figure out what you are trying to accomplish. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
