Layer4 Re: VPN Solution (WAS: ORBS (Re: Scanning))
Jon Mansey
jon at interpacket.net
Mon May 28 14:37:00 UTC 2001
Does anyone know of a way to put layer 4 switching in front of a VPN
client such that (for example) email and nntp dont get tunnelled
while everything else does, or vice-versa?
We're probably talking Windows software here I know......
Jon.
> > The VPN solutions I have used (e.g. Bay Networks, MS PPTP) send *every*
>> packet from the end user machine to the VPN end-point, not just selected
>> packets (like with SSH tunneling).
> If you want a commercial solution that does selective tunnelling - the
>FW-1 addin (VPN-1) exports a "topography" file to the client at setup; this
>really consists of a list of subnets that the VPN will handle, and is set at
>the server side. anything not on the topography list goes out via the dialup
>adaptor or network card as normal.
More information about the NANOG
mailing list