Richard Welty wrote:
the needed three legged firewall, bridging two interfaces and
using NAT on the third one, is rather more complicated than i
wanted to deploy for a budget-constrained customer. neither i
nor my client feel that there was a much of a win here, but
there weren't any other options, either.
This is a clever setup; am I guessing correctly in saying that
fortunately the IPSEC part needed to terminate on only one or two
servers and not on each host?
Michel.