Shawn This is not going to please you :-(
Am 26.02.2015 um 20:03 schrieb Shawn Heisey: > On 2/26/2015 10:54 AM, Michael O Holstein wrote: >> Are these windows machines? .. configure IPSEC policies to do what you want >> (locally, on the machines). >> If they are a mix of windows/linux or all *nix you can do it with policy >> based routing and IKE demon of whatever flavor you like. >> >> Also consider just setting up "opportunistic IPSEC" if you have the ability >> to configure DNS for it. I feel like you are attemptimg a relatively simple task with very complicated means. Please correct me if I got this wrong. I understand - I have a number of machines (physical or virtual) in a local environment where I don't want anyone to access traffic easily. - I want sophisticated load balancing, high availability and multicasting between these nodes. This mixed together is an interesting situation for a lab and for educational purposes but if you want to do this in a commercial environment, consider building a separate protected _real_ LAN. Don't use VLAN's (so forget about virtual machines, they all use them) because they are easy to monitor. Forget about the danger of someone snooping on your machines, if you can't protect them from snooping then you lost anyway. I bet this would be a lot safer, cheaper and easier to implement. If something has to be real safe you have to pull the plug. cheers ET
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
