VPN 2-Tier Firewall

[nightrdr]

This topic was raised by someone else about 1 year ago - but I did not see any solution(s).

I am setting up a 2-tier firewall system and it all works EXCEPT (just like the other guy) I cannot figure a way to VPN into the 2nd tier. The 1st tier is no problem (allows remote management of my DMZ servers) but I cannot figure out how to connect to a server on the 2nd tier. The 2nd tier "RED" blocks (by design) any "initiated" contact from upstream.

Only success so far is to put 2 NICs in my 1st tier VPN server (only open VPN ports) and assign one of the NICs a 2nd tier IP. NOT GOOD!!!

Would be great if I could port forward from 1st to 2nd tier, but cannot get around that upstream restriction.

I must use 2-tiers. Final objective is to VPN to the 2nd tier (that way I can still control DMZ servers).

Answers, hints, clues ???

 

[coladmin]

what type of firewalls are you using. I wonder if a SSL VPN solution would work in this senario?

 

[nightrdr]

A combination of Smoothwall and IPCop. I will do some net searching on SSL VPN as "I know nothing"

I will check into it and see if I can figure it out and get it to work.

 

[nightrdr]

Not a good solution, but a work around.

I configured a VPN to tier 1 and then a VPN from tier 1 to tier 2. Works like crap, but works.

Anyone with a better idea?