Tom Eastep wrote: > Keith, > > Since the point when you hijacked Mike Lander's thread, you have not > explained exactly what you are trying to accomplish. I have explained to > you what is happening but I can't tell you how to fix it until you > explain to us what you want to have happen. > > Until we know that, we can't advise you about a fix until we understand > the problem being solved. > > - -Tom > > PS -- I assume that the "fiber tunnel" (your term) is the 10.253.0.* net? > - -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkraMpUACgkQO/MAbZfjDLKFjgCfSWFGrR9iAPTPYlsJevty9in1 > 024An1evWl5mXUw/HfQh8N6raQC4lJVt > =+Uu3 > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------------ > Come build with us! The BlackBerry(R) Developer Conference in SF, CA > is the only developer event you need to attend this year. Jumpstart your > developing skills, take BlackBerry mobile applications to market and stay > ahead of the curve. Join us from November 9 - 12, 2009. Register now! > http://p.sf.net/sfu/devconference > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > I'm attempting to connect a branch office (Office A - private lan 192.168.1.0/24), to a main office (Office B - private lan 10.254.0.0/24) via two different connections for fail-over and data segregation.
Connection 1 - ipsec VPN, for traffic between the offices not flowing to or from 2 different phone servers in Office B (10.254.0.4 and 10.254.0.5) Connection 2 - a point-to-point switched fibre circuit (called a tlan by my provider). This circuit is essentially stateless - functionally equivalent to a VLAN on a switch. All traffic flowing to or from 10.254.0.4 and 10.254.0.5 should traverse this circuit. Each office has a 3 card router - one card for internal network, on card for internet (and ipsec vpn), and one card for the fibre tlan. Each office should have the ability to connect directly to the internet through their local router, pass data traffic over the ipsec vpn, and pass voip traffic over the fibre tlan. Sorry for being unclear. It's difficult for me to explain all this stuff without a whiteboard. I hope the above clears up my intent. I'm also sorry for hijacking Mike's thread. I hit reply and neglected to remove the "Re: [Shorewall-users]" from my first messages. PS - Fiber tunnel should refer to the fibre tlan which I have assigned the 10.253.0.* network, yes. -- Keith Mitchell CTO Productivity Associates, Inc. 5625 Ruffin Rd STE 220 San Diego, CA 92123 858-495-3528 (Direct) 858-495-3540 (Fax) ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
