Solved

Site to Site IPSEC VPN to tunnel ONLY external IP's

Posted on 2006-10-20
3
224 Views
Last Modified: 2010-04-09
Okay. So someone asked me..."i want to setup an IPSEC tunnel to encrypt public IP traffic btw two locations." so essentially, setting a site to site VPN not to private to private network but to two public ips.

On my end of things, i have a HTTP service running on IP-A. the Remote location is IP-B. So when HTTP requests originate from IP-B, traffic will be tunneled.

Does that make sense?!?
0
Comment
Question by:overworkedops
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 11

Accepted Solution

by:
prueconsulting earned 500 total points
ID: 17775866
I don't see why you couldnt do this using the IP's as your "networks"

Because the traffic will obviously pass across the VPN devices either way


I.e IP_A --VPN Device --------VPN Device----IP_B
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17779799
An IPSEC VPN using the Internet is using public IP addresses to form the tunnel anyway, not private ones as the two endpoints need to be able to communicate across the link before the tunnel is created.

A secondary stage of the creation will define what traffic/ports will be allowed to pass across the vpn tunnel so yes, it makes sense.
0
 
LVL 11

Expert Comment

by:prueconsulting
ID: 17780532
Now if you are attempting to have the Webservers themselves be the VPN end points I would have to say no.. (I.e linux boxes also running Apache and something like OpenSwan) , since you did not provide any details on how you are planning to achieve the VPN connectivity..
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question