[olug] VPN / iptables type question
Phil Brutsche
phil at brutsche.us
Fri Jan 23 03:35:40 UTC 2004
Shaughn wrote:
>>The only traffic that will go over the VPN is what you specify in the
>>security association.
>
>
> This is where I don't know what you mean. I'm sure google will help a bit.

It's an IPsec term I learned when dealing with SonicWALLs and the KAME
IPsec tools used with FreeBSD, NetBSD, and Linux kernel 2.6.

>>HOWEVER, you need to make sure that each site has a unique IP number
>>range. That will be true for any VPN solution.
>>
>
> just to make sure, #1 10.0.0.100-149, #2 150-199, #3 200+ ? or are we
> talking about each site's LAN addys?

Yes. You need to make sure each site has a unique IP subnet for the
routing to work.

Even if each site is using unique IP numbers, if each site's network
is 10.0.0.0/255.255.255.0 you'll have trouble.

If those are your actual IP number ranges you will need to do some
network renumbering. The easy way to do it is:

Site 1: 10.0.1.0/255.255.255.0
Site 2: 10.0.2.0/255.255.255.0
Site 3: 10.0.3.0/255.255.255.0

This is how I learned to make DNS and DHCP my friends :)

--
Phil Brutsche
phil at brutsche.us
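
Added example, not part of the original message: a Python check of a per-site addressing plan for the overlap problem described above, run on the two plans from this thread. The site names, the function names and the two sample destination addresses are assumptions made for the illustration.

```python
import ipaddress
from itertools import combinations

# Plan from the question: every site sits on the same /24 and only the
# host ranges differ (100-149, 150-199, 200+).
BEFORE = {
    "site1": "10.0.0.0/255.255.255.0",
    "site2": "10.0.0.0/255.255.255.0",
    "site3": "10.0.0.0/255.255.255.0",
}

# Renumbered plan from the reply: one subnet per site.
AFTER = {
    "site1": "10.0.1.0/255.255.255.0",
    "site2": "10.0.2.0/255.255.255.0",
    "site3": "10.0.3.0/255.255.255.0",
}


def find_overlaps(sites):
    """Return the sorted pairs of sites whose LAN subnets overlap."""
    nets = {name: ipaddress.ip_network(net) for name, net in sites.items()}
    return sorted(
        (a, b)
        for a, b in combinations(sorted(nets), 2)
        if nets[a].overlaps(nets[b])
    )


def treated_as_local(local_net, dst_ip):
    """True if a host on local_net considers dst_ip on-link.

    On-link destinations are resolved on the local LAN and are never
    handed to the gateway, so they cannot match a VPN route or an
    IPsec security association.
    """
    return ipaddress.ip_address(dst_ip) in ipaddress.ip_network(local_net)


if __name__ == "__main__":
    for label, plan in (("before", BEFORE), ("after", AFTER)):
        print(label, "overlapping sites:", find_overlaps(plan))
    # Constructed destinations: a site 2 host as seen from site 1.
    print("10.0.0.150 local to site1 (before):",
          treated_as_local(BEFORE["site1"], "10.0.0.150"))
    print("10.0.2.50 local to site1 (after):",
          treated_as_local(AFTER["site1"], "10.0.2.50"))
```
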