Hi Edgar, Am Don, 2003-08-07 um 22.41 schrieb Edgar Bautista Monroy: > scenario 1 > > I need to comunicate a branch office to my central office, behind of each > one I�ve got o network ( in my central office there is a NT domain > and in the other end a point to point network windows network ) the need to > make this implementation is to connect the branch office to use the > DB and run our applications beside I�d like to masq the ip addresses in this > side to provide internet service in this branch using the local gateway. > > > I�ve read some articles about but I�ve got some doubts: > > Do I need two registered IP�s one for each gateway? It is easier if at least one gateway uses a permanent IP address.
> Do I need to implement Samba in each gateway to see all the network from any > PC behind the gateway? No. But you probably want WINS or DNS support across the VPN. > Which is the best option to suit this situation opportunistic encryption or > Network-to Network VPN ? Network-to-Network VPN in your terminology. If you know the peers it is always safer to specifically set it up than to use OE. > I�ve got a linux 8.0 running to masq all the ip addresses , could I use this > box to do more than masq ip�s addresses? > this one in connected to a ISDN modem with a static IP. What do you mean? Of course, this box can be firewall, VPN gateway, etc. Although if you are using ISDN do not expect that much throughput. > > > scenario 2 > > Basically it differs on how to implemet the scenario 1 using " Road Warriors > " I mean my remote clients > should be Windows 9x ,XP, 2000 instead of using a gateway in the other end, > the reason in because I need my client can connect to > my central office to provive access to my DB. Well, WinXP and 2k have a native IPsec client. Microsoft provides an free upgrade to Win9x. But you can always use the commercial clients like SSH Sentinel and Soft Remote. All clients can talk to FreeS/WAN. > > > I read the documentation on the Frees/Wan site but can some one recommend me > another site? The following page has many links to additional documentation (esp. Windows) http://www.freeswan.org/freeswan_trees/freeswan-2.01/doc/interop.html > Is it possible to implement this solution in a lab enviroment before in a > production enviroment? If you have the hardware: yes. Cheers, Ralf -- Ralf Spenneberg RHCE, RHCX Book: Intrusion Detection f�r Linux Server http://www.spenneberg.com IPsec-Howto http://www.ipsec-howto.org Honeynet Project Mirror: http://honeynet.spenneberg.org _______________________________________________ FreeS/WAN Users mailing list [EMAIL PROTECTED] https://mj2.freeswan.org/cgi-bin/mj_wwwusr
