[nzlug] connecting two networks?

Simon greminn at gmail.com
Wed May 21 15:59:31 NZST 2008


On Wed, May 21, 2008 at 3:53 PM, Daniel Pittman <daniel at rimspace.net> wrote:

> I strongly suggest you read the manuals for the FortiGate devices, which
> are quite capable of creating a site-to-site VPN tunnel and include
> excellent examples and directions on how to do so.
>
>> Can this be done over ssh? I like ssh.
>
> I also strongly suggest that you avoid inventing solutions without fully
> understanding their implications: this is *not* the solution you are
> looking for.
>
> Any tunnelling of IP over TCP is a fundamental mistake, which will cause
> you significant grief at some point.  Please note that this is a
> different case from tunneling /data/ over a TCP link, which is what the
> various port forwarding options available as part of SSH offer.
>
>
> If you absolutely insist on doing it that way, rather than trivially
> through the firewall hardware, then you would be well advised to use
> only the generic "SOCKS" or "dynamic" forwarding capabilities of ssh.

I agree with your points here. The FortiGate firewall at the data
centre end is cool.. but what can I use on our office end.. we don't
have a firewall or router that could do this?


