[CentOS] About tunnels

Ted Kaczmarek tedkaz at optonline.net
Thu May 26 20:43:23 UTC 2005


On Thu, 2005-05-26 at 20:03 +0200, Maciej Żenczykowski wrote:
> Hi folks,
> 
> I have two CentOS 4 server I administrate doing routing and 
> firewalling of two networks (one NATed and firewalled and the other one 
> merely firewalled) and I'd like to build a tunnel to allow computers on 
> the normal private network (and the firewall) to access the private IPs of 
> computers behind the NAT/firewall.
> 
> ie.
>                ALPHA                BETA
> 10.0.0.0/8 - CentOS4 - internet - CentOS4 - X.Y.Z.0/24
> Private IPs  Firewall             Firewall  Public IPs
>               and NAT
> 
> now the internet is intracity, within one provider and decently safe (6 
> hops), but still some sort of encryption would be nice... (otherwise I'd 
> just use ip tunnel).
> 
> How do I allow both BETA and X.Y.Z.0/24 to connect to the private IPs?
> Should I use CIPE? IPSEC? something else? any good howtos?
> Preferably something fast and reliable, doesn't need to be that easy to 
> set up :)
> 
> I'm basically looking for comments, I have looked around on google, and it 
> seems there's _tons_ of options, but IPSEC seems to be winning out... am I 
> correct in that assumption?
> 
> Cheers,
> MaZe.
> ______________________________________________
Ipsec is the way to go, I have had excellent results using openswan
2.1.5(patched with fix
for snmp crash) on FC1, migrating to Centos is on my to do list.

Ted




More information about the CentOS mailing list