News: This forum is now permanently frozen.
Pages: [1]
Topic: Already have Router, can I use Monowall behind router to function for VPN - L2TP  (Read 3874 times)
« on: December 11, 2008, 01:14:10 »
alabamer *
Posts: 3

I would like to install a monowall to use as a VPN server, but I don't need it to be my network firewall.  Can I place it on my internal network and port forward all L2TP VPN traffic to allow remote connections to my network?  And is this possible with just one interface on the box too???

If this has been discussed a lot before, I'm sorry, as I'm having a hard time figuring out how to search this topic.

Thanks a lot in advance!

Jimmy
http://www.jimmyg.us
« Reply #1 on: December 11, 2008, 10:20:12 »
markb ****
Posts: 331

Monowall will not work like that, as it is a router.  Why not stick in the path, as you can always configure it with allow all rules so there is no processing done. I doubt that it would introduce much latency.
« Reply #2 on: December 11, 2008, 15:46:40 »
alabamer *
Posts: 3

So you mean:

Inet -->  Existing Router -->  Monowall:all allow --> LAN

I guess I hadn't thought of that as I didn't know how easy it would be to 'open' the monowall to that it wouldn't be in the way of all the existing rules.  I'm definitely not worried about any traffic issues with this arrangement or latency.

Is there a way to make it so that the LAN and Existing router (with the monowall inbetween) all share the same subnet?  i.e. 10.0.0.x

My essential requirement is to get the VPN functioning as quickly as possible without making significant network changes to existing devices.  Hence the desire to not change the internal IP scheme.

Thank you for you help,
Jimmy
http://www.jimmyg.us

« Reply #3 on: December 11, 2008, 17:28:50 »
ChainSaw
Guest

the best way would to replace your router with a m0n0wall.  this is by far the best solution.

the easiest way would be to add a Windows 2003 server to your network and forward port 1723 to it.  this setup only requires a single network connection from this server to your network but I would still go with the above solution if at all possible.

EDIT: I just noticed you said "L2TP VPN".  I don't believe m0n0wall supports L2TP but I'm thinking Windows 2003 Server does but I'm not 100% sure.

CS...
« Last Edit: December 11, 2008, 17:48:06 by ChainSaw »
« Reply #4 on: December 12, 2008, 05:22:11 »
alabamer *
Posts: 3

I think I'm going to just replace the existing router.  Originally I was just trying to minimize the work I'd need to do in order to make that work, but since I don't really want to use the existing router, I may as well replace it now instead of later. 

Thanks for all of your replies.

Oh, and to you Chainsaw:  Sorry - it was a typo on my part...  I meant PPTP, not L2TP...  I had the wrong thing on my mind when I was typing that...

Thanks again!

Jimmy
http://www.jimmyg.us
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines