Inter-Corporate VPN's
Jon Carnes
jonc at nc.rr.com
Mon Jul 23 21:42:09 EDT 2001
On Monday 23 July 2001 18:18, David Leija wrote:
> We are planning to deploy Netscreen NS-5's to our clients. They will
> connect to our network using specified protocols with a NS-10. I'm not
> sure this is exclusively VPN related, but we've found that a lot of
> clients are going to have network architectures similar to ours or even
> each others. We've notice at least 60% use the 172.16.0.0 range for their
> internal addressing. Do Netscreens, or possibly an alternative solution,
> account for this possibility. We want to avoid creating multiple
> DMZ-NAT-DMZ layers if possible. TIA.
>
> L. David Leija
> Penson Financial Services
> dleija at penson.com
> (214) 765-1228
>
>
>
> VPN is sponsored by SecurityFocus.com
We've had a problem with the 10.0.0.0 networks. Everyone we hook up to
seems to run one. One solution is to run two IP networks on the same wire.
We use 10.0.0.0 as our primary internal, and have a secondary 192.168.2.0
network that our primary servers also run. It gives us redundancy on our
backbone as well as a second internally routable ip address to reach our
servers.
It's not perfect, but until we move to IPV6, it works.
Jon Carnes
MIS - HAHT Commerce
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list