Raymond Fung wrote: I have an interesting idea here, but don't know if it is feasible to implement nor what kind of tools are needed to implement so. The situation is as follow :

There are 3 physically disjointed sites, all are LAN of computers. Two of the sites (namely site 1 and site 2) connects to the Internet through some masquerading / NAT device using dial-up connections (thus using dynamic IP and

I did that and it works. Take care on the PC windows / Linux client routing: Assume you have a client out there connected to the internet. Internet traffic has to go to the internet, Corporate traffic has to terminate on the freeswan VPN Server. That means the client gets a specific route for the corporate and the rest goes to the internet. In the case you terminate the VPN and like to forward it to a "remote" corporate (not to the connected Network behind the freeswan). => The internet AND the corporate traffic goes trough the VPN tunnel. You have to add on the client the remote route of your reaching corporate network. That works. But you have to configure this route by hand. I' didn't found a parameter to get that out of freeswan and sending it to the VPN client (pptp, linux VPN client,...). cheers Markus -----Original Message----- From: Flavio Arthur Leal Ferreira [mailto:flavio-arthur@procergs.rs.gov.br] Sent: Thursday, March 22, 2001 1:56 PM To: suse-linux-e@suse.com Subject: Re: [SLE] interesting idea What about this alternative: you use freeswan to establish two VPN: when site1 connects to internet it establishes one VPN with site 3; when site2 connects to internet it establishes one VPN with site 3; site 3 routes traffic to the internal network address (fixed) of site 1 and 2 via its corresponding logical VPN interfaces. Site 1, when connected, has a route to site2's internal network address(fixed) through its logical VPN interface; Site 2, when connected, has a route to site1's internal network address(fixed) through its logical VPN interface; telnets, ..., are made using internal network addresses of the destination LAN. private

IPs), while the third site (site 3) has fixed IP address. Now, computers in site 1 wants to telnet into computers in site 2. As both sites doesn't have fixed IP, can I make use of site 3 such that some software is run on a host at site 3 waiting for connection from computers from site 1 and 2. After the two connection are made, something like a VPN can be established through this site 3 host to link site 1 and 2 together ? It would be great if I can do whatever service available (such as ftp, telnet etc.) between site 1 and site 2. This can be represented as the diagram below :

  -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq