since i've got a new website that requires SSL i'm learning about apache virtual
hosting. it seems straightforward enough, but i've noticed that apache 1.3 docs
(see http://httpd.apache.org/docs/1.3/vhosts/name-based.html ) say:

"Name-based virtual hosting cannot be used with SSL secure servers because of
the nature of the SSL protocol."

the new site needs its own SSL certificate and it is unacceptable to use the
same certificate from my existing site. i am in possession of a block of 8 IPs
here at work and would like to host the new site on one of my unused IPs.

my setup at home has openbsd doing the pppoe and uses binat to accomplish the
mapping of the other static IPs to local machines behind nat. however, at work
there is a netopia 3346N-002 router which does the pppoe and routes the public
IPs. the current setup at work is that all machines are nat-ed to a single
static IP and the firewall sits directly behind the router, which routes the
public IPs on its integrated 4 port switch. here is a diagram:

#######################         ########################
# router              #         # firewall             #
# pub IP = X.Y.Z.15   #         # pub IP = X.Y.Z.13    #
# LAN IP = X.Y.Z.14   #---LAN---########################
#######################

the public IP X.Y.Z.8 needs to be mapped to a machine behind the firewall. i
have not been able to figure this out and am beginning to think that it might
not be possible to do with this router. if it's a matter of adding routes and
such, please clue me in as i've tried many things along these lines already.

i am fully aware that i could make the router run in "bridging" mode, so that
the firewall would handle the pppoe and be able to easily binat the addresses as
required. this prevents me from adding another firewall in parallel, a la carp,
to the existing one since the first firewall is now doing pppoe. it would be
optimal to use the netopia for this, allowing for easy carp setup at a later
date (give both firewalls public IPs and have the router doing pppoe).

this raises another question i've had on my mind for quite some time: what, if
any, are the advantages of doing pppoe using openbsd, as opposed to using a
hardware router of some sort?

any suggestions on how to resolve any of these issues would be appreciated.

cheers,
jake
