[ale] OT:VPN experts...
Joseph Knapka
jknapka at earthlink.net
Wed Jun 18 07:15:13 EDT 2003
Dow Hurst <dhurst at kennesaw.edu> writes:
> If two tunnels can be in place then you could in effect route packets
> between them and connect the two company VPNs to each other. Oops! ;-)
The Windows VPN clients I'm familiar with don't allow this; the VPN
links don't show up as routable interfaces. But you certainly have a
data path there, whether direct routes are possible or not. Of
course, you don't actually need to have both tunnels connected at once
for this issue to arise.
> Is there a open source VPN server that is configurable that could talk
> with the remote VPN servers, such as Freeswan? I don't know the gamut
> of projects out there. Replacing the proprietary router with a Linux
> box running VPN software might be a solution since open source
> solutions usually give you more control and power. Just wondering
> what is possible and the ramifications.
The Freeswan site has quite a bit of info about connecting to various
proprietary IPSec implementations. I'd really like to investigate this
possibility at some point, because having all my different VPN clients
be isolated leaves on the company net is a pain. I'd much rather have
a single server that can securely route between my LAN and the company
LAN.
But there definitely are some problems with that. I don't trust all
the hosts on the company net, and the company IT department certainly
doesn't want to trust my network. Add the fact that there are
wireless APs on both nets, and it's enough to make one's skin crawl.
Cheers,
-- Joe
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list