[vpn] vpn planning
Travis Watson
rtwatson at qwest.net
Wed Feb 27 01:26:27 EST 2002
I'm not sure what you are running on the other side, but if you are running
FreeS/Wan on both sides (or at least two IPSec capable devices), no client
software is necessary. The VPN device will make the distant end look and
function like a logical extension of the existing LAN and vice-versa.
Two notes:
--FreeS/Wan can only do one subnet per secure connection. So if you need to
get to 5.5.0.0/16 and 6.6.0.0/16, it will require two different tunnels.
Not a big deal, but just so you know.
--IPX is bad juju with IPSec. If there is any Novel involved, try to
eliminate it or upgrade to 5.1
After the tunnel is up, just have the internal routers point remote end IPs
back to the inside IP of the VPN device, and you should be set.
Regards,
Travis
-----Original Message-----
From: Steve Hunt [mailto:stephen_hunt at sunguru.com]
Sent: Tuesday, February 26, 2002 3:47 PM
To: vpn at securityfocus.com
Subject: [vpn] vpn planning
Hi, I'm planning to install a vpn so that two of our locations can share
the same database,and access each other's local network shares. I had
planned to use free s/wan with a linux firewall like ipchains for this,
setting up a NAT with firewalling rules,then setting up the vpn on that
machine. After doing some reading, I see that there's probably more to
it. For example,do I need some kind of Windows vpn client for the windows
workstations? Is there anyway to make the vpn transparent to the user,such
that any traffic to the remote LAN is automatically routed through the vpn?
What are some general recommendations,as in what software should I use, how
to integrate firewalling into a vpn solution, sample hardware and software
setups? Thanks for any info, pointers etc yall can provide! Steve
VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list