On Sun, 2007-12-09 at 08:22 -0800, Michael Tinsay wrote: > Is the other computer on Smart Bro? I missed that. > But first, you'll have to get the public Internet address of both > ends, or at least one. Chances are, each computer is connected > to an Internet router/gateway. Better give us more details > of your setup.
The OP needs to clarify first if, in fact, both ISPs really give him private IPs. it might just be that he's looking at the IP his router gives him, which would be a private IP on the inside of his LAN rather than the outside facing public IP address. That said though, I've seen some setups where it's NOT POSSIBLE to get a public internet address. oh, you can figure out what the public address is (e.g., by going to one of those websites that tells you what your IP is, or by surfing to grc.com and having it run a portscan). It's just that, the ISP seems to be doing NAT (perhaps to conserve IPs, but possibly also to block low end broadband users from using their connections for hosting servers) and the ISP won't do port forwarding (or maybe they do, but the tech support is incompetent and knows nothing about that, likely though port forwarding would be too much trouble and you'd just never do it). If both of the OP's ISPs are doing that (NAT), then he's SOL since he definitely needs at least one endpoint to be publicly accessible and it's not likely that two different ISPs are peering those private IPs to each other. > As far as VPN is concerned, you have a number of options:SSL VPN, > IPsec and PPTP. This is the order of my recommendation. I prefer openvpn. stupid simple to install (something that can't be said about IPsec, although I haven't tried SSL VPN) and more secure than PPTP (at least, when I last looked at PPTP, 4 years or so ago, things might have improved by now). openvpn also has UDP and TCP modes (very useful for restarting VPN connections that timeout when the external IP on one side of the link changes due to DHCP lease expiration or similar. TCP is useful if you can't use UDP for some reason (e.g., openvpn can be tunneled through squid or other httpd proxies if only http traffic is allowed to connect outward). usually, for the simplest connections (e.g., just share one or two services between two subnets), I just setup ssh port forwarding. but if more than that needs to be shared, openvpn is very convenient. tiger _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
