[Gllug] IPSec and firewalls
Kim Hawtin
kim at aldigital.co.uk
Fri Mar 8 15:40:57 UTC 2002
> >> This is all theory for now but I'm looking into all this stuff.
> >>
> >> I want to set up a wireless network at home. My home network is currently
> >> like this:
> >>
> >> INTERNET <--> 10.12.34.1 <--> 10.12.34.*
> >>
> >> and I want to have a wireless network in 10.12.35.* with IPSec between the
> >> wireless machines and the gateway.
> >>
> >> SO
> >>
> >> INTERNET <--> 10.12.34.1 <--> 10.12.34.*
> >> 10.12.35.1
> >> ^
> >> |
> >> \--> 10.12.35.*
> >>
> >> So, IPSec between 10.12.35.1 and 10.12.35.* but I don't want the wireless
> >> machines to access 10.12.35.1 without going through IPSec. Is it possible
> >> to firewall this access off on the router or is that going to stop IPSec?
> >> If I just firewall off tcp and udp will IPSec still get though?
> >
> >it should, because IPSec has a different protocol number...
>
> I thought it'd be something like that so I guess I could filter everything
> where the protocol number is not IPSec or would this extra step break stuff
> (like ICMP messages).
you should tunnel icmp over ipsec too ...
yours,
kim
--
:Kim_Hawtin:--------------------------------------:-----------------:
| A.L. Digital Ltd. Tel: +44 (20) 8742 0755 | .^. Don't fear|
| The Stores Fax: +44 (20) 8742 5995 | /V\ the |
| 2 Bath Road http://www.thebunker.net | // \\ penguins!|
| London W4 1LT http://www.aldigital.co.uk | /( )\ |
| UNITED KINGDOM mailto:kim at aldigital.co.uk | ^^ ^^ |
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list