From owner-FreeBSD-users-jp@jp.freebsd.org  Tue Oct 30 20:45:45 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id UAA01986;
	Tue, 30 Oct 2001 20:45:45 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from cicgw.cic-kk.co.jp (cicgw.cic-kk.co.jp [203.137.146.33])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id UAA01981
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 30 Oct 2001 20:45:44 +0900 (JST)
	(envelope-from kgotoh@cic-kk.co.jp)
Received: from zeke.cic-kk.co.jp (zeke.cic-kk.co.jp [192.168.1.11])
	by cicgw.cic-kk.co.jp (8.9.3/3.7W-01060720) with ESMTP id UAA88130
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 30 Oct 2001 20:45:44 +0900 (JST)
Received: from localhost (localhost.cic-kk.co.jp [127.0.0.1])
	by zeke.cic-kk.co.jp (8.9.3/3.6W 06/07/01) with ESMTP id UAA43590
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 30 Oct 2001 20:45:44 +0900 (JST)
To: FreeBSD-users-jp@jp.freebsd.org
In-Reply-To: Your message of "Tue, 30 Oct 2001 16:15:10 +0900"
	<20011030154501.89BA.KAJITA@career-link.co.jp>
References: <20011030154501.89BA.KAJITA@career-link.co.jp>
X-Mailer: Mew version 1.93 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <20011030204544Z.kgotoh@cic-kk.co.jp>
Date: Tue, 30 Oct 2001 20:45:44 +0900
From: Kazumasa Gotoh <kgotoh@cic-kk.co.jp>
X-Dispatcher: imput version 980905(IM100)
Lines: 44
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 65236
Subject: [FreeBSD-users-jp 65236] Re: FireWall
 =?ISO-2022-JP?B?GyRCTVElXiU3JXMkTiU9JVUlSDk9QC4kSyREJCQbKEI=?=
 =?ISO-2022-JP?B?GyRCJEYbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: kgotoh@cic-kk.co.jp


From: Nao KAJITA <kajita@career-link.co.jp>
Date: Tue, 30 Oct 2001 16:15:10 +0900

> VPN$B$N;OE@$H=*E@$O$*$N$*$N$N5rE@$N(BGateway$B%^%7%s$G$"$l$P(B
> $B<B:]$K(BVPN$B%5!<%S%9$rDs6!$9$k%G!<%?%9%H%j!<%`$O(BGateway$B%^%7%s4V$@$1$GNI$$!#(B
> $B$J$N$G(BVPN$B%5!<%S%9$,MxMQ$9$k(BPort$B$O:GDc8BF)2aE*$K(BFirewall$B$r@_Dj$9$k!#(B
> 
> $B$=$N$"$H$O(BVPN$B%5!<%S%9$G%+%W%;%k2=$5$l$?%Q%1%C%H$O%+%W%;%k2r=|$5$l!"(B
> $B85$N%Q%1%C%H$KLa$k$N$G(BVPN$B=*E@!J$3$N>l9gE~Ce@h(BGateWay$B%^%7%s!K$+$iFbB&(B
> $B%M%C%H%o!<%/$K;OE@%M%C%H%o!<%/%"%I%l%9$r;}$C$?%Q%1%C%H$,F)2a$G$-$k$h$&$K(B
> $B@_Dj$9$k!#(B

$B?'!9$H$"$j$,$H$&$4$6$$$^$9!#$^$@$d$C$?;v$,$J$$$N$GIT0B$K46$8$F$$$k(B
$B$@$1$J$N$+$bCN$l$^$;$s$,!"(B(^^; $B3'$5$s$K$*;G$$$7$?FbMF$rF'$^$($F(B
$B;n$7$F$f$3$&$H9M$($F$$$^$9!#(B

> VTUN$B$rMxMQ$5$l$k$N$G$"$l$P2>A[E*$KJL%M%C%H%o!<%/%"%I%l%9$r;}$D(B
> VPN$B%M%C%H%o!<%/$r:n$k$3$H$,?d>)$5$l$^$9$,!"(B

$B%H%s%kItJ,$,%k!<%?$G$$$&$H(B WAN $BB&$,(B numbered network $B$K$J$k$H(B
$B$$$&$h$&$J46$8$@$H$$$&$3$H$G$9$M!#(B

$B%0%m!<%P%k%"%I%l%9$N(B aaa.bbb.ccc.1 $B$H(B ddd.eee.fff.1 $B$H$$$&$N$r(B
$B2C$($F9M$($k$H(B 3$B$D$N%M%C%H%o!<%/%$%s%?%U%'!<%9$r;}$D$3$H$K$J$k$H(B
$B9M$($F$h$$$H$$$&$3$H$G$9$+!#(B

> <IP addr>
> xxx.xxx.xxx.1   xxx.xxx.yyy.1   xxx.xxx.yyy.2      xxx.xxx.zzz.1
> client1--------->vtunSvr1--------->vtunSvr2------------->client2
>     xxx.xxx.xxx.0/24         |           xxx.xxx.zzz.0/24
>                       xxx.xxx.yyy.0/24
> <Network>
  (snip)
> $B$G!"(Bxxx.xxx.yyy.2$B$^$GE>Aw$5$l$?%Q%1%C%H$O(Bxxx.xxx.zzz.0/24$B$X(B
> Forward$B$5$l$k$h$&$K$9$l$P$h$$$G$9!#(B

$B>e5-$N>l9g$G$"$l$P!"(Bvtun2Svr2 $B$N(B IP Forwarding $B$r(B On $B$K$7$F$*$1$P(B
$B%k!<%F%#%s%0$5$l$k$7!"$=$N@h$KB>$N%;%0%a%s%H$,$"$k>l9g$K$O(B vtunSvr2
$B$N%k!<%F%#%s%0%F!<%V%k$,E,@Z$J$b$N$K$J$C$F$$$l$P$h$$$H$$$&;v$G$9$M!)(B

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
($B3t(B) $B%;%s%H%i%k>pJs%;%s%?!<(B
                             $B8eF#OB@/(B    kgotoh@cic-kk.co.jp
