[Openswan Users] Is this a proper use for OpenS/WAN?

[Faber Fedor]

Hi guys,

I'm a noob to the list and to setting up VPNs in general.  I'm currently
looking for security options for a setup that I'm doing.  Since it
involves ecommerce, I'm thinking I want/need to use FreeS/WAN in VPN
mode.  Of course, I have a few Qs, so that's why I'm posting this. :-)

1. Is there any known problems with setting up a VPN tunnel with a
LinkSys BEFSX41 router/firewall/VPN endpoint?

2. I Want to do my testing between a Fedora Core 1 box and a databse
server running Red Hat 8.0.  The actual installation will be on a Red
Hat 8.0 box.  Any known problems?

2. Here's the setup using the VPN.  Can someone tell me if I'm right or
totally bonkers?

I've got a website that will have a shopping cart on it with a database
back-end sitting on another Linux box sitting behind the above-mentioned
LinkSys router.  The webserver will retrieve product information
(pictures, product number and description, etc.) from the database
server.  Orders placed via the website will be sent immediately back to
the database server via XML-RPC (SOAP seems to be too bloated for this).

I am extremely paranoid.  I don't like the fact that I'm opening a hole
in the firewall and that the website will have in it's possession credit
card information.  However, the requirement states that this is all done
in realtime.

So what I Was thinking was thins: setup a VPN tunnel between the website
and the database servers.  The tunnel naturally goes through the
firewall.

Does this make sense?  Every other VPN setup I've ever heard of has the
two communicating computers EACH behind a firewall.  In this case, we
only have one behind a firewall.

TIA!

-- 
 
Regards,
 
Faber                     

Linux New Jersey: Open Source Solutions for New Jersey
http://www.linuxnj.com