[Openswan Users] Is this configuration possible??
Phillip T. George
phillip at eacsi.com
Mon May 16 14:34:10 CEST 2005
Gary Danko wrote:
>I've done quite a bit of research and I am led to believe my desired
>configuration is not possible. Have a look at my small ASCII diagram and
>let me know if you think I can pull this off.
>
><--- Begin Diagram --->
>10.0.0.0/24 (Private HQ network)
> |
> |
>10.0.0.1 (Smoothwall 2.0 w/Openswan 1.0.8 GREEN interface)
>68.xx.xx.34 (Smoothwall RED interface)
> |
> |
>Public Internet
> |
> |
>209.xx.xx.244 (OpenSwan 2.3.1 on FC3 LeftIP)
>209.xx.xx.0/24 (OpenSwan 2.3.1 on FC3 LeftSubnet, public COLO network)
><--- End Diagram --->
>
>All of my reading has told me that because my LeftIP and LeftSubnet are on
>the same network I cannot have a VPN connection between my co-location
>facility and my HQ's network.
>
>Is there a way to facilitate this configuration that I have overlooked?
>I've checked documentation, usenet, the web, forums, and so forth. I
>cannot find anything supporting this sort of configuration.
>
>Thanks in advance.
>
I would think there would be some kind of workaround... You probably
need to have some sort of virtual net interface which pretends to be a
LAN card and have a LAN IP. This would seem to be more secure than
trying to use your Internet IP as the LAN (private) IP on your server @
the co-lo. I'm kind of interested in this solution as well, because I
have 3 servers...it would be nice to be able to access a little bit more
than what other people can, and do it "directly". For instance...if I
wanted to run a Samba share over IPSEC...that'd be great :) I think
this is very possible, so keep on looking around for the answer if you
don't get it here :) I'm probably going to try to set this up some day
if possible.
-Phillip