That's exactly what you want to do, outside of buying two devices which would then create the tunnel (basically a firewall - bastion box). Off the top of my head I can't think of a package, I'm sure they exist though. You'll basically want to create an ipsec tunnel between the two devices, then route to the hardened Linux box based on a packet's destination. I'm sure others, or Google, could help you find a package.

Shawn Harris
PM Store Communications
TJX, Co.

"k0tu (AISec)" <[EMAIL PROTECTED]> on 10/31/2001 08:30:38 PM

To: [EMAIL PROTECTED]
cc:
Subject: authenticating through a router

probably a pretty basic question... i just want to gather others' suggestions for the best way to authenticate users between 2 sites connected by a dedicated T1.

All internal private addressing is being used... each site has their own internet access. DHCP is being used on both internal networks. So if ACL's are used to allow certain IP's through, we'll probably run into "lease" issues. (static "trusted" machines is an option, i guess.)

besides having the usual ACL's on the router(s)...after they hit the router, how could I authenticate users at the gateway, and continue on into the remote network?

Both networks are Windows 2000. (Trusting both domains could also be an option, i guess ;) But that would be 2 domains. Can users from one domain use the same credentials on the "dedicated" domain, if they were added as users with the same passwords that exist on the already existing domain?

To make a difficult long scenario short.... Is there any software I could put on a hardened linux box, that could do user authentication?

Any suggestions would be appreciated...thnx.

k0tu
