denverjaye
asked on
What are the standards these days in setting up a VPN tunnel?
We have now had several companies require that we use Public IP addresses inside VPN tunnels when setting them up. We are not a large company and may not be able to afford purchasing a bunch of Public IP addresses for this purpose. What happened to agreeing on an intermediate Private IP range using NAT or even using one side or the other's Private IP range and NAT? Are the times changing and we are falling behind? Should we be changing our standards or are these isolated companies that aren't playing nice? What are the standards these days?
For a VPN to work it usually requires that at least one end has a static Public IP. However, if you are installing a VPN router you can establish any number of tunnels using that one static IP. The remote end, if a VPN software client can use any IP static or dynamic, and if it is another VPN router, many (not all) can be used with a DDNS (Dynamic Domain Name Service) and a dynamic IP.
ASKER
I know that you need both ends to have a Public IP endpoint for the VPN routers to be able to communicate with each other. What I am finding is that a few companies are requiring that the addresses used inside the tunnel are Public IP addresses as well. One of the nice things about a VPN tunnel is that you CAN connect two Private IP ranges over the internet using one. All you have to do is either make sure the both companies are not using the same subnets or set up an intermediate network and use NAT. There is no need for wasting costly Public IP addresses inside the tunnel. My question is is this a new trend or are these few companies being unreasonable in their requirements?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks denverjaye.
Cheers !
--Rob
Cheers !
--Rob