On Monday 04 October 2004 4:54 am, Florin wrote: > I would like to have more details about the "manual modification". Maybe > it will be interresting for other people so I will integrate them in the > web interface. >
The areas I have to manually change are as follows: 1. DHCP for static addresses just like Randy. I need in addition to what he mentioned the ability to create at least two subnets and assign statics ip addresses out of each. 2. I need to be able to create x.509 IPSEC certs without email addresses for Windows clients. 3. I need to be able to do "virtual_private" with IPSEC. This allows hosts on private networks doing NAT to connect to VPN, while at the same time making sure they do not conflict with our private netblock. Here is an example of this setting, "virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12, %v4:169.254.0.0/16,%v4:192.168.0.0/16,%v4:!192.168.101.0/24". Docs here: http://www.openswan.org/docs/local/README.NAT-Traversal 4. Multi-zone support for the VPN. We need to be able to have VPN connections to the LAN and PROT (protected) zones of our network, currently with MNF 8.2 you can only have a single zone used for the VPN. 5. Some kind of HA support would be nice... http://linux-ha.org/. I currently have two MNF 8.2 firewalls using HA. I just had to add it on by myself.. ;-) Humm guess this is kinda late to be bringing all this up, hopefully some of this will be addressed though. -- Bret Baptist Systems and Technical Support Specialist [EMAIL PROTECTED] Internet Exposure, Inc. http://www.iexposure.com (612)676-1946 x17 Web Development-Web Marketing-ISP Services ------------------------------------------ Today is the tomorrow you worried about yesterday.
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
