[CentOS] About tunnels

Thu May 26 20:43:23 UTC 2005
Ted Kaczmarek <tedkaz at optonline.net>

On Thu, 2005-05-26 at 20:03 +0200, Maciej Żenczykowski wrote:
> Hi folks,
> 
> I have two CentOS 4 servers I administrate doing routing and 
> firewalling of two networks (one NATed and firewalled and the other one 
> merely firewalled) and I'd like to build a tunnel to allow computers on 
> the normal private network (and the firewall) to access the private IPs of 
> computers behind the NAT/firewall.
> 
> ie.
>                ALPHA                BETA
> 10.0.0.0/8 - CentOS4 - internet - CentOS4 - X.Y.Z.0/24
> Private IPs  Firewall             Firewall  Public IPs
>               and NAT
> 
> now the internet is intracity, within one provider and decently safe (6 
> hops), but still some sort of encryption would be nice... (otherwise I'd 
> just use ip tunnel).
> 
> How do I allow both BETA and X.Y.Z.0/24 to connect to the private IPs?
> Should I use CIPE? IPSEC? something else? any good howtos?
> Preferably something fast and reliable, doesn't need to be that easy to 
> set up :)
> 
> I'm basically looking for comments, I have looked around on google, and it 
> seems there's _tons_ of options, but IPSEC seems to be winning out... am I 
> correct in that assumption?
> 
> Cheers,
> MaZe.
> ______________________________________________
IPsec is the way to go; I have had excellent results using Openswan
2.1.5 (patched with fix for snmp crash) on FC1. Migrating to CentOS is
on my to-do list.

Ted