Marcello ,
If you don't mind, i'd like to know more info or what to read to
acomplish your first scenario:
PC ------ Internet ------ OpenBSD -------- LAN
PC ------------ IPSec Tunnel -------------- LAN
Thanks!
Marcos Laufer
Marcello Cruz escribiC3:
Toni,
Do you mean a VPN where only a HOST will access an entire NETWORK? If
so, then the answer is YES.
For instance, I have some OpenBSD servers acting as VPN Server and
they allow me to connect from home to the networks behind those
OpenBSD servers.
PC ------ Internet ------ OpenBSD -------- LAN
PC ------------ IPSec Tunnel -------------- LAN
I also have other situations where I need an entire LAN communicate
with other LAN, like:
LAN ------ OpenBSD/Other ------ Internet ------- OpenBSD ------ LAN
LAN ----------------------- IPSec Tunnel --------------------------- LAN
What do you need?
----- Original Message ----- From: "Toni Mueller" <openbsd-m...@oeko.net>
To: <misc@openbsd.org>
Sent: Friday, April 03, 2009 5:43 PM
Subject: Re: VPN client-to-site over IPSec
Hi,
On Fri, 03.04.2009 at 12:43:33 -0300, JoC#o Salvatti
<salva...@gmail.com> wrote:
Is it possible to implement a client-to-site VPN over IPSec? I have
searched on the web, but only found site-to-site models.
what exactly do you mean by "client to site"?
You can distinguish between transport mode, where you use the IP that
you actually use, as an endpoint, and tunnel mode, where you assign an
IP of your chosing for use inside the tunnel, and then use that IP for
all of your connections.
Usually, "site-to-site" is associated with tunnel mode, and I currently
see no reason, and much less any advantage, in using transport mode.
Kind regards,
--Toni++
