VPN
Christopher Gripp
cgripp at axcelerant.com
Thu Jul 5 13:10:12 EDT 2001
Sounds like you are talking about tunnel cascading. You can think of
tunnel cascading as transitive trusts if you're familiar with Microsoft
lingo.
(e.g. A=>B,B=>C therefore A=>C. Without cascading a lot of routes have
to be built.
It all depends on what VPN you are using. On some, like the RedCreek
and Netscreen it is an option you can turn on or off and the central VPN
equipment routes it internally.
On others you would have to add the routes on A, B and C. On the
central VPN(B) it will unencrypt the source packets from (A), send it to
a router that also needs to have the routes built out for all the
networks, that router will send it back to the central vpn(B), which
will reencrypt it and send it to the destination). So essentially, all
parties involved have to know about ALL networks involved if 'tunnel
cascading' isn't an option on the VPN box itself.
Christopher S. Gripp
Systems Engineer
Axcelerant
-----Original Message-----
From: Louella Santimano [mailto:l_santimano at yahoo.com]
Sent: Wednesday, July 04, 2001 12:39 AM
To: vpn at securityfocus.com
Subject: VPN
How do I configure a machine from Network A to go to
Network C using an IP address of Network B.
Network B has VPNs set up to both Network A and
Network C. What are the required routes and NAT rules?
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list