|
Posted by John Hyde on July 29, 2006, 4:04 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> wrote:
>
> Not really a security question at all.
>
>> If I have a VPN router in my office, and an identical one at home, allow
>> them to open a tunnel, and both networks have the same windows workgroup
>> name, does it just look like one big workgroup?
>
> Yes and no.
>
> You will be able to connect to devices by their IP but not necessarily
> to 'see' them by name.
I Assume that means the private IP address? Do both networks need to be
using the same subnet? Right now the office maps addresses as
192.168.168.x while home is 192.168.0.x It's easy enough to change
(Especially since all but one of the home addresses are DHCP assigned)
It helps is you install a WINS server to map
> the names to the IP, That can run on an existing server.
Yeah, but there is no "Server" Just a bunch of XP boxes operating as peers.
If everyone is on the same subnet, but for example, the office is
assigned x.x.x.2 to x.x.x.50 and the home is x.x.x.51 to x.x.x.100,
could an XP box on the office "map a network drive" at say x.x.x.55?
(I envision the "Assignments" to be by making sure the static IPs are in
the correct range and limitations on the the DHCP server in the routers.
Subnet mask for both to be 255.255.255.0)
>
>> Also, if setting up this sort of VPN, anyone know of pointers I should
>> look for? Potential problems? The office router is already in place and
>> is a LinkSys BEFSX41. The office network is DSL with a static IP, the
>> home is Comcast and I understand it is a "persistent" IP. My assumption
>> is that the home router should initiate the connection each time since
>> it's address could potentially "move."
>
> Its important for both, you could investigate using a dynamic IP
> service to map a name to your router.
I thought of that, but can't the router with the static IP just wait to
be contacted by the router that can correctly I.D. itself and the home
router automatically contact if there is a disconnect? I thought I had
to assign one to initiate the contact and the other to listen. I suppose
I get additional security if the "listener" will only accept a
connection attempt from the correct domain. But is there more than that?
>
>> Second topic: My plan was to use the VPN for offsite backups of office
>> data.
>
> Yes, but It depends on the volume of data that needs to be backed
> up on a daily basis, and the speed of your connection.
Well, speed is definitly the issue, I'm still investigating how fast the
office net's upload speed is. But the daily increments would be in the
10 < x < 100 mb range. Definitly not on the GB range.
>
> Apart from speed there is no difference to doing a backup over the
> office network In my case walking home with a DVD is several orders
> of magnitude higher than any electronic transfer
Right, sneekernet is the current system. The big problem is getting it
done given the routine craziness at the office.
>
> --
> Jim Watt
> http://www.gibnet.com
| 
XML site map