Date: Thu, 22 Jul 1999 16:41:54 -0400 (EDT) From: Jim Flowers <jflowers@ezo.net> To: Thomas Uhrfelt <thomas.uhrfelt@plymovent.se> Cc: skip-info@skip-vpn.org;, freebsd-security@FreeBSD.ORG Subject: Re: SV: SKIP and NAT nomadic server - howto (long) Message-ID: <Pine.BSI.3.91.990722162332.26379B-100000@lily.ezo.net> In-Reply-To: <01BED471.C8203720.thomas.uhrfelt@plymovent.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Absolutely not stupid. This is the essential VPN concept (at least in my= =20 mind). There isn't any reason why the configuration that I outlined=20 shouldn't work for both ends as long as the public skiphost address on=20 one end is fixed. Even better if both skiphost addresses are known in adva= nce as=20 that relieves the requirement that the skiphosts be located in-line=20 through the use of static routes. With this kind of setup you can even access the Internet from the other=20 end, set up Exchange server replications and anything else you can think=20 of that can run over IP. Great for desktop to desktop transfer if you=20 have enough bandwidth. For secure systems, I prefer a screened subnet system. The skiphost=20 functions can be combined with bastion host functions running on a=20 perimeter network. I have one system with VPN nodes in USA East Coast, USA West Coast, Belgium, Goa, India and Taiwan. Soon to add USA Southeast and Delhi, India. Works great. Jim Flowers <jflowers@ezo.net> #4 ISP on C|NET, #1 in Ohio On Thu, 22 Jul 1999, Thomas Uhrfelt wrote: > Excuse me if I am a bit stupid here but my question boils down to this.. >=20 > Is it possible to connect two private (192.168.1.0/24 and 192.168.10.0/24= )=20 > networks on the net via 2 skip/natd gateways and still have the original = natd=20 > functionality (http etc for the clients)? >=20 > Thomas Uhrfelt thomas.uhrfelt@plymovent.se > Computer Technician >=20 > PlymoVent AB > F=F6reningsgatan 37 > 211 52 Malmoe > Sweden >=20 > http://www.plymovent.com >=20 >=20 >=20 >=20 >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.91.990722162332.26379B-100000>