[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Remote management of DomU



Hi John,

On Friday 16 December 2005 09:19, John A. Sullivan III wrote:
> A quick thought is to do it via VPN.  Expose the Dom0 to the internal
> network but use iptables to restrict virtually all traffic to the Dom0
> and then allow only ssh coming off of an IPSec tunnel to be allowed to
> go from the firewall to the Dom0 - John

If Dom0 doesn't have a physical interface, how would I expose it to the 
internal network?  Or are you suggesting I should add a 4th NIC?

I was thinking I might be able to use a dummy interface on Dom0, but couldn't 
figure out how to put it on the internal network, unless it's possible to add 
it to the br-lan0 bridge with an IP already on it...?

Alternatively, is it possible to add a dummy interface on both the firewall 
domain and Dom0, and somehow tie them together via VPN?

-Alan


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.