Date: Wed, 05 Feb 2003 12:05:10 -0500
From: Bill Moran <wmoran@potentialtech.com>
To: Marcel Stangenberger <marcel@hayholt.org>
Cc: Philip Hallstrom <philip@adhesivemedia.com>, questions@FreeBSD.ORG
Subject: Re: building a VPN with FreeBSD 4.7p3
Message-ID: <3E414446.3060500@potentialtech.com>
References: <20030204080406.Q23132-100000@cypress.adhesivemedia.com> <20030204214707.X52428@eldar.hayholt.org> <3E40466E.3000906@potentialtech.com> <20030205125500.A53666@eldar.hayholt.org>

Marcel Stangenberger wrote:
>>>My intention is to have a webserver in a colocation at my ISP but have the
>>>databaseserver and imap server at another location. Since I use BasiliX
>>>for webmail access I would like to have a secure connection between these
>>>3 systems.
>>
>>I don't understand how vtun isn't what you're looking for? I've used it for
>>setups very similar to what you're describing.
>>
>>Perhaps a look at the vtun home page, which gives a better description
>>of what all vtun can be used for.
>
> I've read the website and I figured that vtun is for binding two networks
> together. The problems that I have is that:
>
> 1. My FreeBSD internal system is not doing routing/nat, it has only one
>    interface with an RFC1918 IP on it. The router is an Allied Data 810.
> 2. My FreeBSD webserver doesn't have an inside interface, only an outside.

Neither of these points prevents you from using vtun. Nor does either of
them make it any more difficult to use, really. Actually, they're both
good reasons to use vtun.

Just set up your webserver as the vtun 'server' and the MySQL server as
the vtun 'client'. Make sure to use TCP (not UDP) and things will work
just fine.

> I'll try to make an ascii drawing of the situation :
>
> ---------------
> | mysql server|--------
> ---------------       |
>   192.168.0.2      |switch|
>                     |    |
>                     |    |
> --------------      |    |    192.168.0.1
> | imap server|-------    --------|router|
> --------------                      | 100.100.100.100
>   192.168.0.4                       |
>                                  internet
> -----------                         |
> |webserver|--------------------------
> -----------
> 200.200.200.200
>
>
> I hope this makes it a bit clearer, or you be able to tell me where I'm
> wrong in this.

I'm not sure exactly _where_ you're wrong, but you are. It can be done,
quite easily in fact. What about your setup makes you believe that vtun
can't create the connection you want?

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
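
The layout from this thread as a pair of vtund.conf files, added here as an illustration; it is not taken from the message or from the vtun project. The session name `dbtunnel`, the tunnel addresses 10.3.0.1/10.3.0.2, port 5000, the config path and the `CHANGE_ME` secret are assumptions or placeholders.

```conf
# ---- /usr/local/etc/vtund.conf on the webserver (200.200.200.200)
# ---- assumed path; start with: vtund -s
options {
  port 5000;                 # TCP port the client dials; permit it in the firewall
  ifconfig /sbin/ifconfig;
}

default {
  compress no;
  speed 0;                   # no traffic shaping
}

# "dbtunnel" and the 10.3.0.x addresses are assumed names for this example.
dbtunnel {
  passwd  CHANGE_ME;         # placeholder shared secret, identical on both ends
  type    tun;               # routed point-to-point IP tunnel
  proto   tcp;               # TCP rather than UDP, as the reply advises
  encrypt yes;
  keepalive yes;             # periodic traffic so the connection stays up
  up {
    ifconfig "%% 10.3.0.1 10.3.0.2 netmask 255.255.255.255 mtu 1450 up";
  };
  down {
    ifconfig "%% down";
  };
}

# ---- /usr/local/etc/vtund.conf on the MySQL server (192.168.0.2)
# ---- start with: vtund dbtunnel 200.200.200.200
options {
  port 5000;
  ifconfig /sbin/ifconfig;
}

dbtunnel {
  passwd  CHANGE_ME;         # must match the server's session password
  persist yes;               # redial if the connection drops
  up {
    ifconfig "%% 10.3.0.2 10.3.0.1 netmask 255.255.255.255 mtu 1450 up";
  };
  down {
    ifconfig "%% down";
  };
}
```

The MySQL host opens the TCP connection outbound through the router, so the single RFC1918 interface and the absence of an inside interface on the webserver do not matter; the webserver then reaches the database at the tunnel address 10.3.0.2.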