Simple enough really. Can I create an IPSEC rule/filter between two publicly available servers (they are actually on the same network) while still allowing external traffic to the same resources?
I'll try to give as much info as possible:
Web Server <--> Database Server, of which both have Public IPs.
I want to secure database traffic/connections from the web server but yet still allow external direct connections, from my office, to the database server, if needed.
The thing is, and the reason I ask all this, is that the two servers are Virtuozzo servers in a data centre somewhere, maybe even on the same hardware node. I'd like for the "between" server traffic to be secure at least.
I found many step-by-step guides on how to set up the filters; I just want to confirm my request.
Yes, you can do this, and I highly recommend doing so if you want direct connections to the DB server from a non-intranet location. The external allow rule should only allow the traffic from the ports you want (e.g. 80, 443).
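
The layout discussed in this thread, as an added example that is not part of either post: an IPsec rule scoped to the web server's address, plus a separate, narrowly scoped allow rule for the office. It assumes a Windows Server with Windows Firewall with Advanced Security and a default inbound block policy; every address, the database port and the CA name are constructed placeholders.

```powershell
# Run on the database server. All values below are constructed placeholders.
$WebServer = '192.0.2.10'     # public IP of the web server (placeholder)
$DbServer  = '192.0.2.20'     # public IP of this database server (placeholder)
$Office    = '203.0.113.5'    # office egress IP (placeholder)
$DbPort    = 1433             # assumed database listener port

# Authenticate the two machines with certificates issued by a CA both trust.
# The CA name is hypothetical; use the subject of your own root CA.
$proposal = New-NetIPsecAuthProposal -Machine -Cert `
    -Authority 'CN=Example Internal CA' -AuthorityType Root
$authSet  = New-NetIPsecPhase1AuthSet -DisplayName 'Web-DB certificate auth' `
    -Proposal $proposal

# Connection security rule: traffic between exactly these two hosts on the
# database port must negotiate IPsec in both directions. Other peers do not
# match this rule, so the office connection is unaffected by it.
New-NetIPsecRule -DisplayName 'Require IPsec: web server <-> database' `
    -LocalAddress $DbServer -RemoteAddress $WebServer `
    -Protocol TCP -LocalPort $DbPort `
    -InboundSecurity Require -OutboundSecurity Require `
    -Phase1AuthSet $authSet.Name

# Firewall rule for the web server: accepted only if the connection is
# authenticated and encrypted by the IPsec rule above.
New-NetFirewallRule -DisplayName 'DB from web server (IPsec only)' `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort $DbPort `
    -RemoteAddress $WebServer -Authentication Required -Encryption Required

# Firewall rule for the office: no IPsec, but limited to one source address
# and one port, so nothing else on the internet reaches the database.
New-NetFirewallRule -DisplayName 'DB from office' `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort $DbPort `
    -RemoteAddress $Office
```

The web server needs the mirrored IPsec rule (local and remote addresses swapped, `-RemotePort` in place of `-LocalPort`) and the same authentication set, otherwise negotiation fails and the database connection is dropped rather than sent in the clear.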