|
Posted by AM on December 13, 2005, 3:10 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Sorry guys,
maybe the question has been already posted but I would like to clearly
distinguish whether the following scenario could
accept both the solutions or I need without no doubts the LAN-to-LAN.
Imagine you have 2 LANs or 2 groups of LANs (say A that offers services and the
other one (B) that access A resources)
located behind 2 devices doing NAT: it is quite simple, that's the most common
scenario.
Would be possible to use software clients installed on workstations belonging to
network B accessing the same endpoint
(the public endpoint of A LAN) using IPsec?
I don't think so because IPsec uses UDP 500 port as the source port and traffic
coming from the same public IP will have
packets authenticated in different manners. So the A endpoint will think that
some one is trying to substitute to the
first endpoint that initiated the tunnel.
Please, tell me whether my idea is wrong or not. We have been giving services to
our customers and we have been facing
their lack of understanding on the reason we want to install routers at their
site (if they don't have any devices that
permit to build a VPN or they haven't the knowledge to do that) when they have
more than one workstation that needs to
access our resources.
I apologize for my English but if you have some documents that explains what I
wrote about reporting why someone needs
to have a LAN to LAN scenario instead of a lot of software clients I shall
really appreciate it.
Many thanks
Alex.
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map