RE: VPN Confusion

Tankhiwale, Renuka \(Renuka\) Mon, 11 Jun 2001 11:51:37 -0700

In a gateway to gateway VPN, traffic is tunneled between two local nets/intranets so you do not have to do any NATing. If you have illegal ip addresses behind the gateways like 10.0 net and a 12.0 net, you can still access those using the tunnel.

IPSec ESP encapsulates the packet and tunnels(literally) over to the other side. The other side router already knows the internal network.

Moreover, you need not hav e 172.... address for FTP server since it is not for public access. You can hide it behind the tunnel by using some internal /intranet /localnet IP address like 10.0. address.

-----Original Message-----
From: Swamy Patil [mailto:[EMAIL PROTECTED]]
Sent: Sunday, June 10, 2001 10:06 PM
To: [EMAIL PROTECTED]
Subject: VPN Confusion

Hi everybody,

I am having a little doubt about Gateway-to-gateway VPN :

Consider the case of a two offices one in Mumbai and the one in Newyork:

The IP addressing for the Mumbai Office is 192.168.61.0

Thre IP addressing for the Newyork Office is 172.16.12.0

Consider 2 gateways protecting the respective offices at Mumbai and Newyork are configured for gateway to gateway VPN.

Consider an FTP server at the newyork with the IP address 172.16.12.200 (FTP server not meant for public access and is only for Newyork and Mumbai Offices).

Now with the VPN between the two Offices ,is it possible for the desktop machine(192.168.61.40) at the mumbai office have the FTP to the Newyork FTP server without NAT or redirection at the Newyork gateway.

i.e., if the client at mumbai types" FTP 172.16.12.200" and presses Enter will he be able to get the access to the FTP server assuming he has the full access permission to the FTP Server.

Conclusion:

Does the FTP server at the Newyork has to be NATted to the Valid IP or not required.

Please give some suggestions on this

Thanks in advance

Swamy Patil

RE: VPN Confusion

Reply via email to