Solved

Site to Site IPSEC VPN to tunnel ONLY external IP's

Posted on 2006-10-20
3
227 Views
Last Modified: 2010-04-09
Okay. So someone asked me..."i want to setup an IPSEC tunnel to encrypt public IP traffic btw two locations." so essentially, setting a site to site VPN not to private to private network but to two public ips.

On my end of things, i have a HTTP service running on IP-A. the Remote location is IP-B. So when HTTP requests originate from IP-B, traffic will be tunneled.

Does that make sense?!?
0
Comment
Question by:overworkedops
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 11

Accepted Solution

by:
prueconsulting earned 500 total points
ID: 17775866
I don't see why you couldnt do this using the IP's as your "networks"

Because the traffic will obviously pass across the VPN devices either way


I.e IP_A --VPN Device --------VPN Device----IP_B
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17779799
An IPSEC VPN using the Internet is using public IP addresses to form the tunnel anyway, not private ones as the two endpoints need to be able to communicate across the link before the tunnel is created.

A secondary stage of the creation will define what traffic/ports will be allowed to pass across the vpn tunnel so yes, it makes sense.
0
 
LVL 11

Expert Comment

by:prueconsulting
ID: 17780532
Now if you are attempting to have the Webservers themselves be the VPN end points I would have to say no.. (I.e linux boxes also running Apache and something like OpenSwan) , since you did not provide any details on how you are planning to achieve the VPN connectivity..
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question