[nzlug] connecting two networks?
Matthew Diesch
mdiesch at gmail.com
Wed May 21 16:05:21 NZST 2008
Stick an ipcop box in between your dsl router and your internal lan then
setup a Lan-lan VPN
2008/5/21 Simon <greminn at gmail.com>:
> On Wed, May 21, 2008 at 3:53 PM, Daniel Pittman <daniel at rimspace.net>
> wrote:
>
> > I strongly suggest you read the manuals for the Fortgate devices, which
> > are quite capable of creating a site-to-site VPN tunnel and include
> > excellent examples and directions on how to do so.
> >
> >> Can this be done over ssh? I like ssh.
> >
> > A also strongly suggest that you avoid inventing solutions without fully
> > understanding their implications: this is *not* the solution you are
> > looking for.
> >
> > Any tunnelling of IP over TCP is a fundamental mistake, which will cause
> > you significant grief at some point. Please note that this is a
> > different case from tunneling /data/ over a TCP link, which is what the
> > various port forwarding options available as part of SSH offer.
> >
> >
> > If you absolutely insist on doing it that way, rather than trivially
> > through the firewall hardware, then you would be well advised to use
> > only the generic "SOCKS" or "dynamic" forwarding capabilities of ssh.
>
> I agree with your points here. The fortigate filewall at the data
> centre end is cool.. but what can i use on our office end.. we dont
> have a firewall or router that could do this?
>
> _______________________________________________
> NZLUG mailing list NZLUG at linux.net.nz
> http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
>
More information about the NZLUG
mailing list