Date: Tue, 20 Jun 2000 05:07:49 +0000 From: Harry Woodward-Clarke <Harry.Woodward-Clarke@S1.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Cc: lol@ficsgrp.com Subject: advice sought - ISDN & VPN Message-ID: <394EFC25.8207FB2@S1.com>
next in thread | raw e-mail | index | archive | help
Hi guys, a "real world" question ;') First, some background. Our internal Finance guys here in Sydney are using Oracle Financials via a stand-alone Windows PC connected to the Internet with an ISDN modem, using ShivaVPN to 'tunnel' to our HQ in the USA. What they now want is for several PCs to be able to connect and run Oracle Financials - not necessarily simultaneously, but you never know... Also, the current PC (only one) is not physically connected to our LAN, as (being the paranoid that I am) when I set it up with 'wide-open access' to the Internet via the ISDN line, I didn't want any 'nasties' to come back down the line, through the Windows PC and into our LAN. The LAN already has a (very slow) Internet connection for our email and web (via proxy). Anyway, the sort of thing I'd like to be able to do is something like... - have multiple 'Oracle Financials' Windows PCs on the LAN - insert a FreeBSD "gateway" for the ISDN modem to connect "on-demand" to the Internet (via Telstra BigPond Direct, if that matters) - allow the above Windows PCs to invoke ShivaVPN and connect via the FreeBSD 'gateway' to the USA VPN Servers, and from there, onto Oracle Financials - allow other connections from these PCs to go via the 'standard' LAN connected gateway (e.g. Web-proxy, etc.) The question that was thrown back at me by the System/Network Admin. was "how do we allow ShivaVPN to tunnel through the BSD box to the USA?" Well, the best way for me to learn about how that is done, is to ask questions here :') So, to recap: - multiple ShivaVPN Client PCs using Windows9x/NT4/2K - ISDN modem connected to the Internet via Telstra BigPond Direct - ShivaVPN Server in the USA To the experienced FreeBSD SysAdmins: how would you do this? What sort of configuration, both hardware and software, would you include in this mix? Would IPfilter be useful here? Perhaps a Firewall product? Any comments, suggestions gratefully taken on board. Thanks and kind regards, Harry -- Harry Woodward-Clarke Support Analyst S1 Australia Telephone: +61 2 9260-2144 Level 8, 131 York St, Facsimile: +61 2 9267-9422 Sydney NSW, 2000 E-mail: Harry.Woodward-Clarke@S1.com Australia Web Page: www.S1.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?394EFC25.8207FB2>