[prev in list] [next in list] [prev in thread] [next in thread]
List: ipcop-user
Subject: Re: [IPCop-user] IPSec VPN routing question
From: "Administrator" <admin () different-perspectives ! com>
Date: 2007-05-30 21:25:27
Message-ID: 012801c7a301$0d8cbb10$1439a8c0 () avon
[Download RAW message or body]
> > admin@different-perspectives.com writes:
> > >I have 2 IPCop protected networks connected GREEN - GREEN by the
> > >out-of-the-box IPSec VPN. One end has an orange zone, and I
> > would like
> > >to enable GREEN - ORANGE connections.
> >
> > I did this successfully simply by changing the subnet mask.
> > For instance:
> >
> > IPCop1 = 192.168.1.0/253 with:
> > GREEN = 192.168.1.0/255
> > ORANGE = 192.168.1.1/255
> > BLUE = 192.168.1.2/254
> >
> > IPCop2 = 192.168.4.0/253 with:
> > GREEN = 192.168.4.0/255
> > ORANGE = 192.168.5.1/255
> > BLUE = 192.168.6.2/254
> >
> > VPN set to 192.168.1.0/254 <-> 192.168.4.0/254
> >
> > This gives both GREEN access to the GREEN and ORANGE of the remote
> > network. Since ORANGE cannot initiate connections, period,
> no danger
> > of cross-contamination from a compromised appliance in ORANGE.
>
> Thanks. I thought about that, but the hassle of changing
> addresses of servers etc everywhere is more than I can bear.
>
> It may be a good thing to add as a recommendation to the
> IPCop documentation ... I'd suggest as a /253 block with
> green & blue in a /254 and organge and any zerina vpns in a
> "neighbouring" /254.
Sorry, stupid. /22, /23 blocks, of course.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
IPCop-user mailing list
IPCop-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic