Thread
:
VPN alternative: ssh -w
View Single Post
#
13
(View Single Post)
3rd February 2009
jggimi
More noise than signal
Join Date: May 2008
Location: USA
Posts: 7,975
Problem statement and solution architecture
As I'd stated above, IPSec is easier because one doesn't need to deal with a virtual subnet on the tunnel itself, as we do with SSH. When I tested this, I just used NAT on tun0 -- but this more robust solution, below, is a possibility. I may use BINAT and NAT in combination, if I determine it makes a simpler solution.
I'll be testing this and coming up with sample scripts and config files this week, but I thought I would publish an initial architecture beforehand... just in case I've missed something obvious. And it's easy to miss something; there are six virtual IP subnets in the solution.
Problem:
Solution:
Last edited by jggimi; 3rd February 2009 at
08:21 PM
.
jggimi
View Public Profile
Visit jggimi's homepage!
Find all posts by jggimi