Date: Thu, 22 Jul 1999 16:41:54 -0400 (EDT) From: Jim Flowers <jflowers@ezo.net> To: Thomas Uhrfelt <thomas.uhrfelt@plymovent.se> Cc: skip-info@skip-vpn.org;, freebsd-security@FreeBSD.ORG Subject: Re: SV: SKIP and NAT nomadic server - howto (long) Message-ID: <Pine.BSI.3.91.990722162332.26379B-100000@lily.ezo.net> In-Reply-To: <01BED471.C8203720.thomas.uhrfelt@plymovent.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Absolutely not stupid. This is the essential VPN concept (at least in my mind). There isn't any reason why the configuration that I outlined shouldn't work for both ends as long as the public skiphost address on one end is fixed. Even better if both skiphost addresses are known in advance as that relieves the requirement that the skiphosts be located in-line through the use of static routes. With this kind of setup you can even access the Internet from the other end, set up Exchange server replications and anything else you can think of that can run over IP. Great for desktop to desktop transfer if you have enough bandwidth. For secure systems, I prefer a screened subnet system. The skiphost functions can be combined with bastion host functions running on a perimeter network. I have one system with VPN nodes in USA East Coast, USA West Coast, Belgium, Goa, India and Taiwan. Soon to add USA Southeast and Delhi, India. Works great. Jim Flowers <jflowers@ezo.net> #4 ISP on C|NET, #1 in Ohio On Thu, 22 Jul 1999, Thomas Uhrfelt wrote: > Excuse me if I am a bit stupid here but my question boils down to this.. > > Is it possible to connect two private (192.168.1.0/24 and 192.168.10.0/24) > networks on the net via 2 skip/natd gateways and still have the original natd > functionality (http etc for the clients)? > > Thomas Uhrfelt thomas.uhrfelt@plymovent.se > Computer Technician > > PlymoVent AB > Föreningsgatan 37 > 211 52 Malmoe > Sweden > > http://www.plymovent.com > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.91.990722162332.26379B-100000>