On Tue, Dec 01, 2009 at 12:07:02PM -0500, Christopher Hilton wrote:
> I'm having a problem running a TiVo for my mother-in-law. To save some money
> she changed her ISP to AT&T. The issue is that AT&T is running some sort of
> transparent web cache proxy at the base of their network and the TiVo will not
> load it's daily guide data through the cache. AT&T also charges for this kind
> of Tech support so getting the caching issue fixed is not an option.
>
> I'm running my firewall on OpenBSD and my in-laws have a similar firewall
> setup. I have already setup an IPSEC VPN between their house and mine. The
> setup looks like this:
>
> Tivo ----> [ In laws fw ] ---> ( Internet ) <--- [ my fw ] --- my net
>
> The firewall setup is for partially for my convenience. I want to seamlessly
> get to my servers when I'm over there for a bit of time. Their default gateway
> sends them to the internet through their AT&T connection but can also get to
> things on my network. If the tunnel goes down the internet works fine but they
> cannot see things in my house.
>
> What I would like to do is arrange for their TiVo to pass all of it's traffic
> through the tunnel and out through my firewall since my ISP is a bit easier to
> deal with.
Bob is right.
That said, this isn't actually hard to do, and the syntax is well
documented in ipsec.conf(5); just make sure the TiVo has a fixed IP
address (dhcpd.conf(5) may be useful) and the networks are on
non-overlapping netblocks.
Joachim
