Date: Mon, 29 Jul 2002 16:17:02 -0400
Subject: Firewalling and VPN questions.
From: James Howard
To: freebsd-questions@freebsd.org
Message-Id: <24C1F836-A330-11D6-BCEB-003065BAAC62@glue.umd.edu>

Hi everyone,

I have a FreeBSD firewall in the office. Its external address is 208.something and internally the address is 10.1.1.1. The netmask is 255.255.0.0 and the internal network is split so that static IP machines have IPs in the 10.1.1.something and DHCP addresses are in the 10.1.2.something realm.

Now, I just put a new firewall in my apartment (connected via cable modem) running FreeBSD. Again, the network externally is 207 and change. Internally, the address is 10.2.1.1. The net mask is 255.255.0.0 and static IPs are assigned to 10.2.1.x and DHCP addresses are given in the range 10.2.2.x. Both firewalls use the "SIMPLE" ruleset and natd to pass packets.
So, I want to VPN the two firewalls together so that, from home, I can telnet to 10.1.1.5 and login to the machine there. It occurs to me that the way to do this involves SSH and PPP, but I do not know the details. When I first configured the office firewall, months ago, I left PPP in the kernel. I'd prefer not to have to reboot as physical access is nearly nil. What is the best option for me here?

Thank you,
Jamie