"DPG" wrote: > > Can anyone point me to resources for this? Is this feasible? > Yes. I have collected three books that I found informative: O'Reilly's "Virtual Private Networks" McGraw Hill's "Unix Secure Shell" O'Reilly's "Building Internet Firewalls" lrp.c0wz.com has links to CIPE. You may want to visit the mirror at http://c0wz.steinkuehler.net/ http://sites.inka.de/~bigred/devel/cipe.html http://www.linuxdoc.org/HOWTO/mini/Cipe+Masq.html
I found this link helpful. It talks about VNC but it provides a picture what you would be doing with cipe. CIPE provides a tunnel from one LAN to another. http://www.uk.research.att.com/vnc/sshvnc.html > I am trying to develop a secure VPN between two small Windows-based LANs, There are some ideas here in the cipe faq http://sites.inka.de/~bigred/devel/cipe-faq.html. If you are on a budget you can use a samba server for the WINS server. (See http://www.samba.org.) > such that for all intents and purposes, the users can't tell the difference > between resources that are truly local vs. those that are on the remote > network. The scenario involves two small real estate offices using 1.1 Mb > SDSL, with the intent of sharing files and printers between the two sites. > > Does anyone know of such an implementation existing now? Are there any > specific How-tos for this? > > Any pointers appreciated. > First pointer: you are advertising a service that can be attacked. Encryption helps minimize attacks and keeping private data scrambled from packet sniffers. Some of the Real Estate data may have people's sensitive personal information flowing over the public network segment of the VPN. There are people out there that want to play with you. There are people that want to destroy your business. Just be aware of this. CIPE evolved from secure shell. That is why I provided the secure shell links and books. I found the information helpful, but you will not need all of it for implementation. Secure shell was used to run other protocols over the secure shell protocol producing the same result you desire. However, there are some problems doing this. CIPE was developed to still use secure protocols but solve some of the problem of executing one protocol over another protocol. (See http://sites.inka.de/~bigred/devel/tcp-tcp.html.) Here's a picture of what you want to do. +-------+ +-------+ | leaf | | leaf | win net ----| fwall |--VPN--| fwall |---- win net | + | | + | | CIPE | | CIPE | +-------+ +-------+ Any VPN technology implies that you have a firewall securing each LAN on either side of the VPN. You would put a CIPE package on each LEAF/LRP firewall. Then follow the how to and other links above to configure. I have not done this yet, but here's all the conceptual information. I hope this helps, Greg _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
