Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part A

2009-10-17 Thread Keith Mitchell
Actually neither. The fiber is bandwidth-limited. It's a 6mb symmetrical, point-to-point switched fiber circuit (called t-lan by the vendor). Keith Mitchell CTO Productivity Associates, Inc. 5625 Ruffin Rd STE 220 San Diego, CA 92123 858-495-3528 (Direct) 858-495-3540 (Fax) Larry wrote: C

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part A

2009-10-17 Thread Tom Eastep
Keith Mitchell wrote: > I'm trying to connect a branch office to my main office. > > I have data and voice that need to flow between the branch office and > the main one. > > I have a VPN setup for the data, and a dedicated fiber trunk between the > two offices. > > I thought I'd try to use the

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part A

2009-10-17 Thread Tom Eastep
Tom Eastep wrote: > Keith Mitchell wrote: >> I'm trying to connect a branch office to my main office. >> >> I have data and voice that need to flow between the branch office and >> the main one. >> >> I have a VPN setup for the data, and a dedicated fiber trunk between the >> two offices. >> >> I t

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Tom Eastep
Keith Mitchell wrote: > Sigh. Fixed my pretty little ascii art. > > > eth1 - 10.253.0.1 eth3 - 10.253.0.254 eth0 > /---\ eth0 192.168.1.1/24 --- Office A > - - Office B --- 10.254.0.1/24 > \-vpn---/ eth2 eth

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Keith Mitchell
Tom Eastep wrote: Keith Mitchell wrote: Sigh. Fixed my pretty little ascii art. eth1 - 10.253.0.1 eth3 - 10.253.0.254 eth0 /---\ eth0 192.168.1.1/24 --- Office A - - Office B --- 10.254.0.1/24 \-vpn---/ eth2

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Tom Eastep
Keith Mitchell wrote: >> > Sorry about that. My brain was a little fried last night. > > Here's the networkb uncorrupted. > > Yes, the vpn is an ipsec vpn. It works fine thanks to your excellent > documentation and openswan. > > If I do a "ping -I eth1 10.254.0.x" (any address) from the ne

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Keith Mitchell
Tom Eastep wrote: Keith Mitchell wrote: Sorry about that. My brain was a little fried last night. Here's the networkb uncorrupted. Yes, the vpn is an ipsec vpn. It works fine thanks to your excellent documentation and openswan. If I do a "ping -I eth1 10.254.0.x" (any address)

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Tom Eastep
Keith Mitchell wrote: >> > Sorry. That should read "Office A Firewall Host" and "Office B Firewall > Host" > > If I do a "ping -I eth1 10.254.0.x" (any address on that subnet) from > the Office A Firewall Host (source IP 10.253.0.1), I get no ret

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Tom Eastep
Tom Eastep wrote: > Keith Mitchell wrote: > >>> >> Sorry. That should read "Office A Firewall Host" and "Office B Firewall >> Host" > >> If I do a "ping -I eth1 10.254.0.x" (any address on that subnet) from >> the Office A Firewall Host (source I

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Keith Mitchell
Tom Eastep wrote: Tom Eastep wrote: Keith Mitchell wrote: Sorry. That should read "Office A Firewall Host" and "Office B Firewall Host" If I do a "ping -I eth1 10.254.0.x" (any address on that subnet) from the Office A

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Tom Eastep
Keith Mitchell wrote: > I think I get it. So for starters, I need to take the firewall rules > out of the tcrules and route_rules files to make sure the firewall(s) > can direct traffic appropriately. > (remove the LO lines from the route_rules and

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Keith Mitchell
Tom Eastep wrote: > Keith, > > Since the point when you hijacked Mike Lander's thread, you have not > explained exactly what you are trying to accomplish. I have explained to > you what is happening but I can't tell you how to fix it until you > explain to us what you want to have happen. > > Until

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Tom Eastep
Keith Mitchell wrote: > I'm attempting to connect a branch office (Office A - private lan > 192.168.1.0/24), to a main office (Office B - private lan 10.254.0.0/24) > via two different connections for fail-over and data segregation. > > Connection

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Larry
Tom Eastep wrote: Keith Mitchell wrote: I'm attempting to connect a branch office (Office A - private lan 192.168.1.0/24), to a main office (Office B - private lan 10.254.0.0/24) via two different connections for fail-over and data segregation.

Re: [Shorewall-users] Multi-ISP, USE_DEFAULT_RT=Yes, and I am an idiot - Part C

2009-10-17 Thread Tom Eastep
Larry wrote: > Tom Eastep wrote: > If you want to select via policy routing, then I suggest replacing IPSEC > with OpenVPN. > You previously stated "Each office has a 3 card router - one card for > internal network, one card for internet (and ipsec vp