At Wednesday, 28/11/2001 12:14 PM (+1100), George Vieira wrote: >You can't route internal IPs over the internet... you MUST use a tunnel or >some kind...
Well, that depends. From his config, both external IPs were on the same subnet so the ISPs router probably could be bypassed using a static route. We need to know more about the public side of the network. >You could use vpnd which uses blowfish I think... haven't used it much >before but I have used it.. The only VPN solution I would recommend would be IPSec - ie FreeS/Wan. Others have a number of significant holes. Matt >thanks, >George Vieira >Systems Manager >Citadel Computer Systems P/L > > >-----Original Message----- >From: DaZZa [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, 28 November 2001 12:12 PM >To: Lyle Chapman >Cc: [EMAIL PROTECTED] >Subject: Re: [SLUG] Network To Network > > >On Wed, 28 Nov 2001, Lyle Chapman wrote: > >> To whomever can help. >> >> I want to connect 2 internal networks together across the internet using >> ipchains from 2 Linux routers. Is it possible to do this and have it >> tranparent to the internal networks. >> >> I have tried everything I can think of and have read the HOWTO but cannot >> get through. If I am inside network 1 I get as far as the router at >> network 2 but cannot see or ping their internal network. >> >> PLEASE HELP - As I am trying to learn Linux but unfortunately >> documentation is not aimed at the newbie sometimes!!! > >As far as I know, you can't do this with just ipchains - and if you could, >it'd be hideously insecure. I could be wrong about the first statement. >I'm not wrong about the second. > >You can, however, do it via FreeS/WAN. Check out http://www.freeswan.org >for details and software. > >Basically, you need to run a secure VPN encrypted across the internet. If >you don't do this, your commercial data is toast - it can be collected by >anyone with enough nouse to run a sniffer or data capture device on your >networks. Your network can also be compromised from outside much more >easily. > >DaZZa > > >-- >SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ >More Info: http://lists.slug.org.au/listinfo/slug > >-- >SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ >More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
