1 |
On Thu, Feb 9, 2012 at 10:48 PM, Pandu Poluan <pandu@××××××.info> wrote: |
2 |
> Scenario: I have a server in the cloud that needs to connect to an internal |
3 |
> server in the office. There are 2 incoming connections into my office, ISP |
4 |
> "A" and ISP "B". The primary connection is A, but if A goes down, we can use |
5 |
> B. The app running on the cloud server has no automatic failover ability |
6 |
> (i.e., if A goes down, someone must change the app's conf to point to B). |
7 |
> |
8 |
> My thought: If I can make a tunnel from the server to the FortiGate firewall |
9 |
> currently guarding the HQ, the cloud app can simply be configured to connect |
10 |
> to the internal IP address of the internal server. No need to manually |
11 |
> change the app's conf. |
12 |
> |
13 |
> The need: a VPN client that: |
14 |
> + can selectively send packets fulfilling a criteria (in this case, dest= IP |
15 |
> address of internal server)* |
16 |
> + has automatic failover and failback ability |
17 |
> |
18 |
> *solutions involving iptables and iproute2 are also acceptable |
19 |
> |
20 |
> Can anyone point me to the right direction re: what package and the relevant |
21 |
> howto? |
22 |
> |
23 |
> Thanks in advance. |
24 |
> |
25 |
> Rgds, |
26 |
|
27 |
Not exactly what you're looking for, but this might help: |
28 |
|
29 |
http://www.ntop.org/products/n2n/ |
30 |
|
31 |
That would set up reliable visibility on layer 2. You probably want to |
32 |
employ something like 802.1x on top of it. |
33 |
-- |
34 |
:wq |