[38070] in North American Network Operators' Group
Re: VPN Solution (WAS: ORBS (Re: Scanning))
daemon@ATHENA.MIT.EDU (David Howe)
Mon May 28 08:49:44 2001
Message-ID: <004801c0e774$071c6d60$01c8a8c0@default>
From: "David Howe" <DaveHowe@gmx.co.uk>
To: <nanog@nanog.org>
Date: Mon, 28 May 2001 13:45:06 +0100
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
> The VPN solutions I have used (e.g. Bay Networks, MS PPTP) send *every*
> packet from the end user machine to the VPN end-point, not just selected
> packets (like with SSH tunneling).
If you want a commercial solution that does selective tunnelling - the
FW-1 addin (VPN-1) exports a "topography" file to the client at setup; this
really consists of a list of subnets that the VPN will handle, and is set at
the server side. anything not on the topography list goes out via the dialup
adaptor or network card as normal.
