North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Layer4 Re: VPN Solution (WAS: ORBS (Re: Scanning))
> From: Jon Mansey [mailto:[email protected]] > Sent: Monday, May 28, 2001 7:37 AM > > Does anyone know of a way to put layer 4 switching in front of a VPN > client such that (for example) email and nntp dont get tunnelled > while everything else does, or vice-versa? Depending on requirements, isn't the whole idea to put the email into the tunnel? That's why this thread came up in the first place. BTW, SSH tunneling can drop every packet through the tunnel with a forward-all config. it isn't even very hard and can be done with a Win client, using F-Secure. In fact, sometimes that works, when PPTP doesn't, in Windows-hostile environments (*nix bigots sometimes do everything they can to screw up Win machines). However, none of it works when port 22 is blocked by the firewall. > We're probably talking Windows software here I know...... > > > > The VPN solutions I have used (e.g. Bay Networks, MS > PPTP) send *every* > >> packet from the end user machine to the VPN end-point, > not just selected > >> packets (like with SSH tunneling). > > If you want a commercial solution that does selective > tunnelling - the > >FW-1 addin (VPN-1) exports a "topography" file to the client > at setup; this > >really consists of a list of subnets that the VPN will > handle, and is set at > >the server side. anything not on the topography list goes > out via the dialup > >adaptor or network card as normal. |