Lonnie may not have been clear enough. It will work only if each client
has their own VPN client installed. Apple devices have it built in, for
Windows you will have to download a client and run it.
If the clients do not have a IPSec VPN Client and you are trying to use the
AstLinux box as a bridge/gateway to a VPN then no, it will not work as you
have drawn. It might work in an environment where you run two VLANs over a
single wire, but then you need a managed network switch, and I'm pretty
sure your DLS router won't support VLANs. Don't know about Astlinux. But
this is getting way to complex for what you are trying to do.
In my network I have..
Internet
|
DSL/Cable Modem (not router)
|
Astlinux
|
10/100/1000 Switch
|
Wireless Access Point (actually a Router configured in "bridge" mode).
I actually have three Wireless access points in various locations in my
house to ensure good coverage, all in bridge mode. I bought a couple of
them cheep ($25 each probably after a rebate) as I didn't need
latest-and-greatest speeds.
David
On Tue, Oct 2, 2012 at 1:15 PM, Tom Chadwin
<[email protected]>wrote:
> Single IPs. I'm looking for a solution to the problem that my net5501
> doesn't have wifi, but the router behind which it sits does. That's the
> only
> thing I'm trying to solve.
>
> So it should work?
>
> Thanks
>
> Tom
>
>
> -----Original Message-----
> From: Lonnie Abelbeck [mailto:[email protected]]
> Sent: 02 October 2012 17:57
> To: AstLinux Users Mailing List
> Cc: Tom Chadwin
> Subject: Re: [Astlinux-users] Astlinux VPN endpoint for clients not behind
> it
>
> Tom,
>
> Are these 'clients' single IP's or subnets ?
>
> Assuming single IP's like mobile iOS, PC's, etc. using IPsec/XAuth (IPsec
> Mobile on AstLinux) should work, no different then if they originated via
> the public internet.
>
> You can "Push Network(s)" to the clients, but only if they support the
> Cisco
> XAuth extensions (iOS, OS X and Cisco client does), other clients would
> need
> to be manually configured which networks go into the VPN, or possibly send
> all traffic via the VPN, which is the default.
>
> Lonnie
>
>
> On Oct 2, 2012, at 11:27 AM, Tom Chadwin wrote:
>
> > Hello all
> >
> > Subject line does not explain this very well. I've successfully set up
> > AstLinux IPSec VPNs before. However, I'd like to know if it is
> > possible to set it up as follows:
> >
> > Internet
> > |
> > DSL router - client
> > |
> > Astlinux
> >
> > More precisely, Astlinux would be cabled to the DSL router, while
> > clients would connect wirelessly to the DSL router. In other words,
> > Astlinux is not _between_ the clients and the internet. Those clients
> > need to use the IPSec VPN.
> >
> > Is this at all possible, if I add routes via Astlinux to the clients
> > to the remote subnets?
> >
> > Thanks
> >
> > Tom
>
>
>
>
> ------------------------------------------------------------------------------
> Don't let slow site performance ruin your business. Deploy New Relic APM
> Deploy New Relic app performance management and know exactly
> what is happening inside your Ruby, Python, PHP, Java, and .NET app
> Try New Relic at no cost today and get our sweet Data Nerd shirt too!
> http://p.sf.net/sfu/newrelic-dev2dev
> _______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> [email protected].
>
------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
