tyny VPN help

To: debian-firewall@lists.debian.org
Subject: tyny VPN help
From: Leonardo Boselli <leo@dicea.unifi.it>
Date: Fri, 17 Dec 2004 22:34:04 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.21.0412172220080.17996-100000@dipolo.dicea.unifi.it>

Question: I have to allow one person to "use" when mobile some
"services" in its corporate network.
The problem: from outside the only ports accessible into the home subnet
(every "interesting" host has a public address) are 20-25 , 53, and
110-113.
One could add some other ports but only to ONE host.
Another limitation is that any connection must be initialized from remote
since he most of the time would be behind a natting firewall, whose public
address is unpredictable. 
He wants absolutely to be able to use some services on any port on 
any of the hosts in the subnet.
A first suggestion was to use a VPN but before digging in documentation or
asking you to send me hints and help i wish to know if this is feasible.
The idea would be to tunnelize all traffic trought a single port and
export on the subnet so it would appear as coming out of an address of the
subnet [ideally the same one of his turned-off office machine].
Would this require a separate router or can be accomplished by a single
computer.
Another problem: he want o retain his winXP pc ... with the OS ..
with this additional limit is possible ?

Reply to:

Follow-Ups:
- Re: tyny VPN help
  - From: Matthew Palmer <mpalmer@debian.org>
- Re: tyny VPN help
  - From: Andrew Porter <andy@defsdoor.demon.co.uk>
- Re: tyny VPN help
  - From: Mike Mestnik <cheako911@yahoo.com>

Prev by Date: Re: suggestions for iptables
Next by Date: Re: tyny VPN help
Previous by thread: Re: suggestions for iptables
Next by thread: Re: tyny VPN help
Index(es):
- Date
- Thread