SSH tunnel question

Ben Scott dragonhawk at gmail.com
Thu Feb 28 08:51:41 EST 2008


On Thu, Feb 28, 2008 at 8:27 AM, Tom Buskey <tom at buskey.name> wrote:
> The VPN would direct all traffic to the host network.  The client's local
> network wouldn't be available.

  That's one way to design a VPN, but it doesn't have to be done that
way.  For example:

  Let's say your home LAN is 192.168.1.0/24 and the work LAN is
10.1.2.0/24.  Home PC is 192.168.1.5 and work PC is 10.1.2.55.  Create
a VPN net on 192.168.2.0/24.  Assign the VPN interface on the home PC
192.168.2.1.  Assign the VPN interface on the work PC 192.168.2.8.
Tell the work PC that 192.168.2.1 is a gateway to 192.168.1.1.  Tell
all the PCs on the home LAN that 192.168.1.5 is a gateway to
192.168.2.0.  Configure the home PC to forward (route) packets from
192.168.2.8 to 192.168.1.0/24 and back again.  Add firewall rules to
taste.

  Since there aren't any default routes mentioned in the above, the
VPN link is only known to the participating nodes, and traffic that
isn't intended for the VPN will still use whatever was there before.

-- Ben
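
The routing described in the message above, modelled as an added example that is not part of the original post: each table is resolved by longest-prefix match to show which traffic takes the VPN and which keeps its old path. Addresses come from the message; the default gateways (10.1.2.1, and 192.168.1.1 as the home router), the interface names, and the reading of the work PC's route as covering all of 192.168.1.0/24 are assumptions.

```python
import ipaddress

# Tables are (destination, next hop, interface); None = directly connected.
# Assumed, not from the message: gateways 10.1.2.1 / 192.168.1.1, eth0/tun0.
WORK_PC = [
    ("10.1.2.0/24", None, "eth0"),               # work LAN
    ("192.168.2.0/24", None, "tun0"),            # VPN net
    ("192.168.1.0/24", "192.168.2.1", "tun0"),   # home LAN via home PC's VPN address
    ("0.0.0.0/0", "10.1.2.1", "eth0"),           # existing default route, untouched
]
HOME_LAN_HOST = [
    ("192.168.1.0/24", None, "eth0"),            # home LAN
    ("192.168.2.0/24", "192.168.1.5", "eth0"),   # VPN net via the home PC
    ("0.0.0.0/0", "192.168.1.1", "eth0"),        # existing default route, untouched
]
# Contrast: the design from the quoted text, where the default route is
# pointed at the VPN and all non-local traffic follows it.
FULL_TUNNEL = WORK_PC[:3] + [("0.0.0.0/0", "192.168.2.1", "tun0")]


def lookup(table, dst):
    """Return (network, next hop, interface) chosen by longest-prefix match."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net_text, gateway, dev in table:
        net = ipaddress.ip_network(net_text)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, dev)
    if best is None:
        return None  # no route to host
    return (str(best[0]), best[1], best[2])


if __name__ == "__main__":
    # 198.51.100.7 is a constructed address standing in for "the Internet".
    for name, table in (("work PC", WORK_PC), ("full tunnel", FULL_TUNNEL)):
        for dst in ("192.168.1.20", "10.1.2.9", "198.51.100.7"):
            print(f"{name:12} {dst:14} -> {lookup(table, dst)}")
    print("home LAN host", lookup(HOME_LAN_HOST, "192.168.2.8"))
```

On the home PC itself the design also needs IP forwarding enabled and forward rules restricted to the 192.168.2.8 peer, which this model does not cover.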

