From owner-freebsd-questions  Wed Feb  5  4: 4:11 2003
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 387DC37B401
	for <questions@FreeBSD.ORG>; Wed,  5 Feb 2003 04:04:10 -0800 (PST)
Received: from glamredhel.hayholt.org (hayholt.org [195.18.109.250])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 769C743E4A
	for <questions@FreeBSD.ORG>; Wed,  5 Feb 2003 04:04:09 -0800 (PST)
	(envelope-from marcel@hayholt.org)
Received: from eldar.hayholt.org (unknown [192.168.0.2])
	by glamredhel.hayholt.org (Postfix) with ESMTP
	id 24C04AF11; Wed,  5 Feb 2003 13:03:44 +0000 (WET)
Date: Wed, 5 Feb 2003 13:04:01 +0100 (CET)
From: Marcel Stangenberger <marcel@hayholt.org>
To: Bill Moran <wmoran@potentialtech.com>
Cc: Philip Hallstrom <philip@adhesivemedia.com>,
	"" <questions@FreeBSD.ORG>
Subject: Re: building a VPN with FreeBSD 4.7p3
In-Reply-To: <3E40466E.3000906@potentialtech.com>
Message-ID: <20030205125500.A53666@eldar.hayholt.org>
References: <20030204080406.Q23132-100000@cypress.adhesivemedia.com>
 <20030204214707.X52428@eldar.hayholt.org> <3E40466E.3000906@potentialtech.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

> > My intention is to have a webserver in a colocation at my ISP but have the
> > databaseserver and imap server at another location. Since i use BasiliX
> > for webmail access i would like to have a secure connection between these
> > 3 systems.
>
> I don't understand how vtun isn't what you're looking for?  I've used it for
> setups very similar to what you're describing.
>
> Perhaps a look at the vtun home page, which gives a better description
> of what all vtun can be used for.
>

I've read the website and i figured that vtun is for binding two networks
together. The problems that i have is that:

1. My FreeBSD internal system is not doing routing/nat, it has only one
   interface with an RFC1918 IP on it. The router is an Allied Data 810.
2. My FreeBSD webserver doesn't have an inside interface, only an outside.

i'll try to make an ascii drawing of the situation :

---------------
| mysql server|--------
---------------       |
192.168.0.2          |switch|
                      |   |
                      |   |
--------------        |   |                 192.168.0.1
| imap server|---------   --------|router|
--------------                        |     100.100.100.100
192.168.0.4                           |
                                   internet
-----------                           |
|webserver|----------------------------
-----------
200.200.200.200


I Hope this makes it a bit clearer, or you be able to tell me where i'm
wrong in this.

Marcel

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message