Todd Young wrote:
> Scenario:
> Linux firewall (and DHCP server) protects home LAN and has VPN tunnel 
> set up to friend's house with similar Linux firewall.
> Linksys BEFW11S4 wired/wireless router inside Linux firewall.
> 
> Is there any way to have the Linksys just be a "dumb" router that would 
> allow any clients attached to it (wired or wireless) to receive their 
> DHCP address from the Linux firewall?
> 
> Basically, I want the increased protection that the Linux firewall 
> provides (and the VPN capabilities), but also the wireless access the 
> Linksys will provide. I can simply have the Linux firewall provide a 
> DHCP address to the WAN port of the Linksys, then have the Linksys 
> provide DHCP addresses to PCs connected to its LAN ports. BUT then I 
> don't think the VPN tunnel between the Linux router and a friend's Linux 
> router will serve any purpose, because the Linksys will block gaming or 
> folder sharing access.

Throw a 3rd NIC in your firewall, creating a DMZ network, and put the 
Linksys there.  Let the Linksys DHCP its WAN port from your Linux 
firewall (like you said in your last paragraph).  Most of these 
wireless router products already have built in VPN passthrough support.
It _should_ work.  Adjust your firewall rules to allow access to the VPN
from the DMZ network and it _should_ work.

I have a similar setup with a Netgear wireless router.  Works great *IF*
it gets its WAN port address via DHCP.  I'm in the process of setting
up the VPN stuff now, so I can't comment on that yet.
-- 
scot

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list