SSH tunnel question

[John Abreau]

On Thu, February 28, 2008 8:27 am, Tom Buskey said:
> There are advantages to both VPN and SSH.
>
> The VPN would direct all traffic to the host network.  The client's local
> network wouldn't be available.  I like this when my users are in a
> Starbucks
> somewhere.  They turn the VPN on & now only get traffic from my network.
>
> SSH is good when you want to still access the LAN and you know what you're
> connecting to on the other end.  When I'm at work, I want to connect to
> the
> printers, file servers, proxy, and ssh to systems.  But I want an SSH
> tunnel
> to my home web, SSH systems, etc.  I don't think I could do that VPN,
> though
> I'd like to hear otherwise.


Um, no. Unless you design your VPN to override everything, you have
full access to both the VPN subnet and your local network. I do this
at home on several of my machines; they're configured as clients on
my VPN at work, and they still see each other locally.

The only issue I have with it is DNS; if I allow a machine to use
the DNS servers at work, then that machine doesn't know to check
my home DNS server, and can't find my home machines by name. I solved
that by making my home DNS server also server the domains from my
work DNS. It's worked well enough that I haven't felt the motivation
to seek a more elegant solution yet.



-- 
John Abreau / Executive Director, Boston Linux & Unix
IM: jabr at jabber.blu.org / abreauj at AIM / abreauj at Yahoo / zusa_it_mgr at Skype
Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.