Darrell, as the existing SME is the gateway for the entire office, I would prefer to not take it off-line, but you do make a lot of sense. It will mean I can test only out of hours though, and my wife is not going to be happy.
I think the easiest option may be to remove the initial test envoronment from the loop altogether, but that makes updating blades / RPMs difficult, as it becomes a copy to floppy exercise. OR is this possible?? Internet | SME v5 | LAN (existing down to here) | (test setup below) 3 card freesco router | | SME1 SME2 | | LAN LAN I'll give it a go and see ..... Hugh Fox Sales Director www.drcauto.com drcauto now hosts support newsgroups: news://news.drcauto.com/drcauto.lt_toolkit news://news.drcauto.com/drcauto.smart_architect news://news.drcauto.com/drcauto.accurender_lt The same groups are accessible via your browser, go to: http://discussion.drcauto.com ----- Original Message ----- From: "Darrell May" <[EMAIL PROTECTED]> To: "Hugh Fox" <[EMAIL PROTECTED]>; "e-smith-Dev" <[EMAIL PROTECTED]> Sent: Tuesday, October 23, 2001 4:03 PM Subject: Re: [e-smith-devinfo] Setup my IPSec Test Environment > > I think it would be better to disconnect your live Internet for testing > and set this up: > > Internal LAN (existing) > | > SME v5 Gateway (existing) > | > Router (new - pretending to be internet) > | > SME v5 Gateway (new - for testing) > | > LAN (for testing) > > If you set the 'top' nic in your router to match your current Internet gw > ip then the existing SME5 requires no changes. Set the 'botton' nic in > your router as the new SME5 gw ip. Make sure your router freely passes > traffic across it's two nics and the security is implemented SME - SME > > What do you think. Does this make sense? > > Regards, > > -- > Darrell May > DMC Netsourced.com > http://netsourced.com > http://myEZserver.com > -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org