take a look at http://vtun.sourceforge.net
Azher -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Rick Brown Sent: Tuesday, February 26, 2002 8:58 PM To: [EMAIL PROTECTED] Subject: Site to site VPN I have to connect via VPN to another site and I need some advice/insight. Like everyone else, we have a set number of public IP addresses. The VPN is going to be two way (i.e. site A needs to access site B hosts and site B needs to access site A hosts). I'm a little fuzzy as to how to define the encryption domain. Our firewall is doing a HIDE NAT using the public address of the firewall. If I understand things, if I use my entire public range as the encryption domain, things should work but if a public system is compromised they could potentially get VPN access to the other site (right?). Would static mappings get around this and, if so, would I just define a portion of the public range as the encryption domain? I'd like to not have to do static mappings so that I don't use up a lot of IP addresses. Any help would be appreciated. Thanks. __________________________________________________ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games http://sports.yahoo.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
