[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-bridge
Subject: Re: [Bridge] Transparent VPN
From: Lennert Buytenhek <buytenh () gnu ! org>
Date: 2001-02-20 6:48:22
[Download RAW message or body]
Hi,
what you want should be possible.
Check out CIPE (http://sites.inka.de/~W1011/devel/cipe.html). Basically, what
you do is build an encrypted ethernet tunnel with CIPE (you need 1.5.1 for
this), create a bridge on each router, and enslave the LAN interface and
the CIPE interface to it. This will cause each router to bridge LAN packets
destined for the 'other' LAN over the encrypted tunnel built by CIPE. This
is all transparent; machines on either LAN won't notice that their peers
are on the 'other' LAN (well, except for the latency perhaps :).
It is not currently possible to act as a bridge-router; patches exist to
make this work depending on the protocol (i.e. route IP and bridge IPX) but
not depending on IP address.
cheers,
Lennert
On Mon, Feb 19, 2001 at 09:50:06PM -0300, Joao Rafael Moraes Nicola wrote:
> Hi. I currently have my LAN connected to a router, as shown bellow:
>
> LAN ------- Router ------ Internet
>
> I want to set-up a VPN to connect two such LANs, but I want to make it
> transparent, like this:
>
> LAN ------- Router ------ Internet ----- Router ---- LAN
> +->(VPN)------------------------------->(VPN)^
>
> I was planning on setting up a bridge between the Router and the LAN
> switch, which would forward all the packets through it, but would pick
> up packets destined to my remote LAN and send them through my VPN channel.
> Question: I've seen examples of Bridge-IPCHAINS being used to block
> packets, but not to route them. Could I filter some packets that go
> through the brige by their IP address and route them to another interface?
>
> Thanks,
>
> Joao Rafael Nicola
> joaoraf@rudah.com.br
>
> _______________________________________________
> Bridge mailing list
> Bridge@math.leidenuniv.nl
> http://www.math.leidenuniv.nl/mailman/listinfo/bridge
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic