RE: [leaf-user] Bering VPN questions-School project

Thu, 03 Oct 2002 13:06:17 -0700 

Craig,
    Is there a reason that you want the traffic to the 2nd Bering box to 
"flow  through" the school's lan.
Instead of a VPN I would setup a dmz.
add a third interface to bering and run your lan behind it and the 
school's lan on the 2nd interface.

        Internet--------bering------your private lan (honey pot)
                                    |
                                    |
                             schools lan

If your dead set on a VPN use IP/Sec. It's supported by the Free S/WAN 
project for linux and Bering.

good luck
chris

>From: "Craig" <[EMAIL PROTECTED]>
>To: "LEAF" <[EMAIL PROTECTED]>
>Date: Thu, 3 Oct 2002 09:29:38 -0700
>Subject: [leaf-user] Bering VPN questions-School project
>
>Hi folks,
>At our high school, we have some extra, public IP addresses. For a
>project, I want to set up 2 Bering boxes. I want to use our extra public
>IP addresses and have the internet traffic to these addresses "flow
>through" the first Bering box to the final Bering box which will service
>several boxes on a LAN. In between the two Bering boxes is the school
>LAN, which I (obviously) need to safeguard, so I'm thinking that I need
>to create a VPN between the two Bering boxes and have all traffic
>"tunnel" through??? The purpose is to set up boxes on the internal
>private student LAN that students can access from home, etc. by using
>the public IP addresses (We want them to experiment with creating web
>sites and experience, invariably, getting "hacked", etc. while
>protecting the existing school LAN).
>
>Internet-----Bering Box 1----(School LAN)-----Bering Box 2-----Private
>Student LAN
>
>1.) This should be pretty easy to do with Bering, shouldn't it?
>2.) Will the internal school LAN be effectively protected by creating a
>VPN between the two boxes?
>3.) Any problems with my scenario that you can see? Comments,
>suggestions...??? (I welcome ALL thoughts and suggestions)
>
>Thank you,
>Craig
>
>
>
>
>
>
>--__--__--
>
>_______________________________________________
>leaf-user mailing list
>[EMAIL PROTECTED]
>https://lists.sourceforge.net/lists/listinfo/leaf-user
>
>
>  
>




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to