Forum Replies Created
September 19, 2008 at 12:52 pm in reply to: More OpenVPN Host-to-LAN VPNs, disable redirect gateway #46923
Solution: I will make a virtual router ( ESXi server ) for VPN and I will have VPN server there, and I will install Zeroshell to router too.
Keep luck with your project
I am curious if anyone has zeroshell installed under ESXi with 1 Physical NIC to their ISP modem and 1 Physical NIC to their internal network?
When I set up the VMKernel for the External NIC and say that it’s DHCP it nevers picks up an IP address, but the default route is greyed out and pointing to the gateway of the Internal NIC.
Has anyone overcome that?
I have it in ESXi as firewall ( plan to temporary replace my main router to reinstall it ) and it works. But I dont have one NIC to internal network and one to external. I use switch for this purpos and both NICs are connected to switch witch VLANs. Internet is delivered to ESX thru tagged VLAN.September 16, 2008 at 7:31 am in reply to: More OpenVPN Host-to-LAN VPNs, disable redirect gateway #46922
You can simulate a second host-to-LAN OpenVPN by activating a LAN-to-LAN one. In this case you could use only X.509 authentication. Kerberos 5 and RADIUS authentication are not possible for L2L VPN. Staring with the release 1.0.beta11 you could use a Preshared Key Authentication.
If you don’t want that the OpenVPN parameter redirect-gateway is pushed to the clients, use the button [Net] (release 1.0.beta10+) to specify the networks you want to reach across the VPN.
Thank you for your answer. Looks like ZeroShell is not ready to replace my main router, so I must stay with debian there. Never mind, still zeroshell is great project for ordinary use ( Iam a little bit fool with my network infrastructure ) and I am going to use it at intranet wired/wireless routers and PtP links ).
I think this is not good idea. As computer security specialist I recommend to NOT HAVE data on security appliance ( in this case zeroshell ). Thats because if someone compromise your zeroshell, he has free access to your data as well. Right solution is to have data on separate computer and for it, there are good free nas solutions ( openfiler, freenas etc. ).
Zeroshell would be perfect for me if offering a NAS (Network-Attached Storage) function !!!
Any Easy-to-Use Solution !?
I’ll appreciate your answers