[olug] VPN / iptables type question
Nathan D. Rotschafer
nrotschafer at geniussystems.net
Thu Jan 22 22:35:08 UTC 2004
I recommend completely different subnets for each location, BUT if you want to
break up the subnet as a partial class C then you need to do it on the breaks
to make routing and netmasks etc easier.
Nate
On Thursday 22 January 2004 04:26 pm, Shaughn wrote:
> Phil Brutsche wrote:
> > Shaughn wrote:
> >> all 3 'vpn' boxes will be linux based, i'm not sure of the software /
> >> features needed. Encyrption, TLS, etc are probably key.
> >
> > In other words, it's your average, run-of-the-mill site-to-site IPsec
> > VPN.
>
> most likely yes.
>
> > The only traffic that will go over the VPN is what you specifiy in the
> > security association.
>
> This is where i don't know what you mean. I'm sure google will help a bit.
>
> > HOWEVER, you need to make sure that each site has a unique IP number
> > range. That will be true for any VPN solution.
>
> just to make sure, #1 10.0.0.100-149, #2 150-199, #3 200+ ? or are we
> talking about each sites lan addys?
More information about the OLUG
mailing list