[ale] Routing Questions

Geoffrey esoteric at denali.atlnet.com
Sun Dec 2 20:16:04 EST 2001


Joseph A Knapka wrote:
> 
> Chris Fowler wrote:
> >
> > I have 2 networks now.  One in Buford and One in Alpharetta.
> >
> > Alpharetta:  192.168.2.0
> > Buford:  192.168.1.0
> >
> > Both networks are connected to the internet using telocity.  I want to be able to route packets between both of the private nets.  Is this possible since these
> > are 192.168.*.
> 
> You need some form of VPN.

Why?  I can understand if you want the connection to be secure, but I
didn't catch that in the original post.  Why can't he use the ips
provided by the telocity connections to provide the connectivity?

Either the PPP-over-SSH sort, or else
> IPSec (eg FreeS/WAN). The PPP-over-SSH solution is simple, I've
> used it in the past and have achieved fairly good reliability.
> It's possible to use a pair of *nix boxen, one on each private
> network, to implement this, provided the public routers on each
> net can forward SSH connections to machines on the private net
> (which is almost certainly the case).
> 
> IPsec is probably a better solution, but I have never had the
> opportunity to set up an IPsec VPN. When I looked at FreeS/WAN
> a year or so ago, it was very rough, and the documentation was
> extremely hard to follow. OpenBSD has IPsec in the standard
> kernel and toolset, it's well-documented and stable, but I
> haven't had a chance to actually use it yet. (I'm using
> OpenBSD as my firewall, but don't currently have a VPN
> running.)
> 
> The O'Reilly VPN book is good, but a bit dated (unless there's
> a new edition out). There are a number of books about IPsec
> available, which you should probably check out.
> 
> Cheers,
> 
> -- Joe
> # "This torch I bear is scorching me; Buffy's
>    laughing, I've no doubt! I hope she fries,
>    I'm free if that bitch dies... I'd better
>    help her out." -- Spike, OMWF, BtVS
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.

--
Until later: Geoffrey		esoteric at denali.atlnet.com

"...the system (Microsoft passport) carries significant risks to users
that
are not made adequately clear in the technical documentation available."
- David P. Kormann and Aviel D. Rubin, AT&T Labs - Research
- http://www.avirubin.com/passport.html

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list