On Thu, 2005-05-26 at 20:03 +0200, Maciej Żenczykowski wrote:
> Hi folks,
>
> I have two CentOS 4 servers I administrate doing routing and
> firewalling of two networks (one NATed and firewalled and the other one
> merely firewalled) and I'd like to build a tunnel to allow computers on
> the normal private network (and the firewall) to access the private IPs of
> computers behind the NAT/firewall.
>
> ie.
>              ALPHA                  BETA
> 10.0.0.0/8 - CentOS4 - internet - CentOS4 - X.Y.Z.0/24
> Private IPs  Firewall             Firewall  Public IPs
>              and NAT
>
> now the internet is intracity, within one provider and decently safe (6
> hops), but still some sort of encryption would be nice... (otherwise I'd
> just use ip tunnel).
>
> How do I allow both BETA and X.Y.Z.0/24 to connect to the private IPs?
> Should I use CIPE? IPSEC? something else? any good howtos?
> Preferably something fast and reliable, doesn't need to be that easy to
> set up :)
>
> I'm basically looking for comments, I have looked around on google, and it
> seems there's _tons_ of options, but IPSEC seems to be winning out... am I
> correct in that assumption?
>
> Cheers,
> MaZe.
> ______________________________________________
IPsec is the way to go. I have had excellent results using Openswan
2.1.5 (patched with a fix for an SNMP crash) on FC1; migrating to CentOS
is on my to-do list.
Ted