|
midrange.com
OK, this is when I like things that _aren't_ bundled together. Let's see
if I can ASCII-art this:
-----Internet-----
|
|
Firewall
|
|
-------DMZ--------
| |
| | ---WirelessLan---
| | |
GW VPNServer-------WirelessRouter
| |
| |
---InternalNet---
The gateway (GW) is a linksys router (w/o wireless) and the wireless
router is a linksys wireless access point (but not router). Since
they're separate devices I can assign separate IP ranges. Don't know if
you can do that w/the integrated models. The VPNServer is a W2K box
running RAS.
The DMZ has by 68.164.141.x IPs, the InternalNet has my 10.100.10.x IPs
and the wireless has my 10.100.12.x Ips.
-Walden
------------
Walden H Leverich III
President & CEO
Tech Software
(516) 627-3800 x11
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com
Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
-----Original Message-----
From: pctech-bounces@xxxxxxxxxxxx [mailto:pctech-bounces@xxxxxxxxxxxx]
On Behalf Of Gary Kuznitz
Sent: Thursday, 17 March, 2005 01:50
To: PC Technical Discussion for iSeries Users
Subject: Re: [PCTECH] RE: Communicate from a laptop
Hi Walden,
> So what I'm proposing is put
> the wireless people on their own subnet and bring up a VPN connection
to
> the "real" subnet. This way they can access "protected" resources over
> the VPN and still be wireless.
I'm not following how to accomplish this. Maybe you have more
resources than I am thinking about. If a person uses a SonicWall
TZW the Wireless is on a different subnet than the lan. But of
course it comes with a VPN for the wireless. If a person uses any
other wireless router they only allow you to have one subnet on the
router. (At least the ones I have been working with)
I don't understand this even if you have one router for wireless and
one router for a Lan. The Lan router would have to be able to
accept more than one subnet. If you are talking about a very
expensive router I could understand this. Do you know of routers
under $150 that can do this? I'd love to learn more details of what
you are proposing.
> Now, as for the internet, you could either force them to come over the
> VPN and then out through the same interface as the hardwired people,
or
> you could provide another route to the internet for the wireless
people.
It makes sense. I just don't know of what hardware/software is
required to accomplish this.
> Make sense, or did I miss something?
>
> -Walden
Thank you,
Gary Kuznitz
>
> ------------
> Walden H Leverich III
> President & CEO
> Tech Software
> (516) 627-3800 x11
> WaldenL@xxxxxxxxxxxxxxx
> http://www.TechSoftInc.com
>
> Quiquid latine dictum sit altum viditur.
> (Whatever is said in Latin seems profound.)
>
>
>
> -----Original Message-----
> From: Gary Kuznitz [mailto:docfxit@xxxxxxxxxxxx]
> Sent: Wednesday, 16 March, 2005 15:09
> To: PC Technical Discussion for iSeries Users
> Cc: Walden H. Leverich
> Subject: RE: Communicate from a laptop
>
> Moved from Midrange List
>
> Hi Walden,
>
> Thanks for your input. My iimmediate need is to protect the wireless
> transmission in the office. I can easily setup a VPN tunnel between
> the laptop --> over wireless --> to a remote office. Which covers
> the wireless part easily. The problem is when I need to surf the
> internet to other locations. Like when I need to transmit to other
> people that don't have VPN setup. At these times I'd like to have
> the wireless protected.
>
> Thank you,
>
> Gary Kuznitz
>
> > Gary,
> >
> > We use W2K as our VPN server (no surprise there, right? <G>) so what
> we
> > did in this situation was deploy a second subnet for all wireless
> > access. That subnet, while it has a private IP range (10.100.12.x)
is
> > still considered by us to be a public network, so there's no direct
> > connect between the wireless subnet and our internal network.
However,
> > the VPN server is connected to that subnet. So when you're wireless
> you
> > need to bring up a VPN connection just as if you were anywhere on
the
> > internet, and the connection is the same one you'd bring up from
home
> --
> > into the same VPN server you'd access from home.
> >
> > What I'm getting at is, do you need a separate VPN server for the
> > wireless stuff, or can you setup your current VPN server to handle
> > another subnet?
> >
> > -Walden
> >
> >
> > ------------
> > Walden H Leverich III
> > President & CEO
> > Tech Software
> > (516) 627-3800 x11
> > WaldenL@xxxxxxxxxxxxxxx
> > http://www.TechSoftInc.com
> >
> > Quiquid latine dictum sit altum viditur.
> > (Whatever is said in Latin seems profound.)
> >
>
>
>
> --
> This is the PC Technical Discussion for iSeries Users (PcTech) mailing
list To
> post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe,
or change
> list options, visit: http://lists.midrange.com/mailman/listinfo/pctech
or email:
> PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to
review the
> archives at http://archive.midrange.com/pctech.
--
This is the PC Technical Discussion for iSeries Users (PcTech) mailing
list
To post a message email: PcTech@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/pctech.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
