This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] Remote management of DomU

Hi John,

On Friday 16 December 2005 09:19, John A. Sullivan III wrote:
> A quick thought is to do it via VPN.  Expose the Dom0 to the internal
> network but use iptables to restrict virtually all traffic to the Dom0
> and then allow only ssh coming off of an IPSec tunnel to be allowed to
> go from the firewall to the Dom0 - John

If Dom0 doesn't have a physical interface, how would I expose it to the 
internal network?  Or are you suggesting I should add a 4th NIC?

I was thinking I might be able to use a dummy interface on Dom0, but couldn't 
figure out how to put it on the internal network, unless it's possible to add 
it to the br-lan0 bridge with an IP already on it...?

Alternatively, is it possible to add a dummy interface on both the firewall 
domain and Dom0, and somehow tie them together via VPN?


Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>