|
Hi Walden, It sounds like you have this setup now. Would you mind sharing model numbers? Thanks, Gary > OK, this is when I like things that _aren't_ bundled together. Let's see > if I can ASCII-art this: > > > -----Internet----- > | > | > Firewall > | > | > -------DMZ-------- > | | > | | ---WirelessLan--- > | | | > GW VPNServer-------WirelessRouter > | | > | | > ---InternalNet--- > > The gateway (GW) is a linksys router (w/o wireless) and the wireless > router is a linksys wireless access point (but not router). Since > they're separate devices I can assign separate IP ranges. Don't know if > you can do that w/the integrated models. The VPNServer is a W2K box > running RAS. > > The DMZ has by 68.164.141.x IPs, the InternalNet has my 10.100.10.x IPs > and the wireless has my 10.100.12.x Ips. > > -Walden > > > ------------ > Walden H Leverich III > President & CEO > Tech Software > (516) 627-3800 x11 > WaldenL@xxxxxxxxxxxxxxx > http://www.TechSoftInc.com > > Quiquid latine dictum sit altum viditur. > (Whatever is said in Latin seems profound.) > > > > -----Original Message----- > From: pctech-bounces@xxxxxxxxxxxx [mailto:pctech-bounces@xxxxxxxxxxxx] > On Behalf Of Gary Kuznitz > Sent: Thursday, 17 March, 2005 01:50 > To: PC Technical Discussion for iSeries Users > Subject: Re: [PCTECH] RE: Communicate from a laptop > > Hi Walden, > > > So what I'm proposing is put > > the wireless people on their own subnet and bring up a VPN connection > to > > the "real" subnet. This way they can access "protected" resources over > > the VPN and still be wireless. > I'm not following how to accomplish this. Maybe you have more > resources than I am thinking about. If a person uses a SonicWall > TZW the Wireless is on a different subnet than the lan. But of > course it comes with a VPN for the wireless. If a person uses any > other wireless router they only allow you to have one subnet on the > router. (At least the ones I have been working with) > I don't understand this even if you have one router for wireless and > one router for a Lan. The Lan router would have to be able to > accept more than one subnet. If you are talking about a very > expensive router I could understand this. Do you know of routers > under $150 that can do this? I'd love to learn more details of what > you are proposing. > > > Now, as for the internet, you could either force them to come over the > > VPN and then out through the same interface as the hardwired people, > or > > you could provide another route to the internet for the wireless > people. > It makes sense. I just don't know of what hardware/software is > required to accomplish this. > > > Make sense, or did I miss something? > > > > -Walden > Thank you, > > Gary Kuznitz > > > > > ------------ > > Walden H Leverich III > > President & CEO > > Tech Software > > (516) 627-3800 x11 > > WaldenL@xxxxxxxxxxxxxxx > > http://www.TechSoftInc.com > > > > Quiquid latine dictum sit altum viditur. > > (Whatever is said in Latin seems profound.) > > > > > > > > -----Original Message----- > > From: Gary Kuznitz [mailto:docfxit@xxxxxxxxxxxx] > > Sent: Wednesday, 16 March, 2005 15:09 > > To: PC Technical Discussion for iSeries Users > > Cc: Walden H. Leverich > > Subject: RE: Communicate from a laptop > > > > Moved from Midrange List > > > > Hi Walden, > > > > Thanks for your input. My iimmediate need is to protect the wireless > > transmission in the office. I can easily setup a VPN tunnel between > > the laptop --> over wireless --> to a remote office. Which covers > > the wireless part easily. The problem is when I need to surf the > > internet to other locations. Like when I need to transmit to other > > people that don't have VPN setup. At these times I'd like to have > > the wireless protected. > > > > Thank you, > > > > Gary Kuznitz > > > > > Gary, > > > > > > We use W2K as our VPN server (no surprise there, right? <G>) so what > > we > > > did in this situation was deploy a second subnet for all wireless > > > access. That subnet, while it has a private IP range (10.100.12.x) > is > > > still considered by us to be a public network, so there's no direct > > > connect between the wireless subnet and our internal network. > However, > > > the VPN server is connected to that subnet. So when you're wireless > > you > > > need to bring up a VPN connection just as if you were anywhere on > the > > > internet, and the connection is the same one you'd bring up from > home > > -- > > > into the same VPN server you'd access from home. > > > > > > What I'm getting at is, do you need a separate VPN server for the > > > wireless stuff, or can you setup your current VPN server to handle > > > another subnet? > > > > > > -Walden > > > > > > > > > ------------ > > > Walden H Leverich III > > > President & CEO > > > Tech Software > > > (516) 627-3800 x11 > > > WaldenL@xxxxxxxxxxxxxxx > > > http://www.TechSoftInc.com > > > > > > Quiquid latine dictum sit altum viditur. > > > (Whatever is said in Latin seems profound.) > > > > > > > > > > > -- > > This is the PC Technical Discussion for iSeries Users (PcTech) mailing > list To > > post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, > or change > > list options, visit: http://lists.midrange.com/mailman/listinfo/pctech > or email: > > PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to > review the > > archives at http://archive.midrange.com/pctech. > > > -- > This is the PC Technical Discussion for iSeries Users (PcTech) mailing > list > To post a message email: PcTech@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/pctech > or email: PcTech-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/pctech. > > -- > This is the PC Technical Discussion for iSeries Users (PcTech) mailing list To > post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, or change > list options, visit: http://lists.midrange.com/mailman/listinfo/pctech or > email: > PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to review the > archives at http://archive.midrange.com/pctech.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.