[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] LAN to LAN VPN with same IP scheme
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > -----Original Message----- > From: Leggett, Jeff [mailto:[email protected]] > Sent: Wednesday, October 18, 2000 12:33 PM > > Well, this won't work for the simple reason you can't route > RFC addresses > (10.x.x.x. and others) via the internet. Somewhere you will > have to NAT > these to real routable addresses and you can VPN THOSE > addresses. Look at > setting up a gateway to gateway VPN solution for this. We do > it and it > works well. Excuse me? That only applies if you use IPSec in transport mode, but in tunnel mode (as most VPN are run anyway), you can easily link private addresses via the Internet. All my VPN's are private, and they link through the Internet just fine. In these VPN's you typically define NAT rules that turn NAT off between the encryption domains. However, if the network addresses are the same on both ends, you have to use NAT anyway (didn't we just have this discussion a week ago?) Regards, Frank -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.1 Comment: PGP or S/MIME encrypted email preferred. iQA/AwUBOe+Cm0RKym0LjhFcEQLSAwCdEF2177wrX8f6LTiJ7rNMyIS/B/UAoNNG aG9jX063x2PuFzaYypo6xufA =EETn -----END PGP SIGNATURE----- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|