[olug] VPN / iptables type question

Shaughn shaughn at emosai.net
Thu Jan 22 19:00:19 UTC 2004


Phil Brutsche wrote:

> Shaughn wrote:
>
>> Hello. I just got asked a question on a scenario.
>>
>> Company #1 and Company #2 want to both VPN to Server C.
>>
>> So, in my mind, with this, #1 and #2 will be on the same network as
>> S.C, so they will all be able to see each other? Correct? All machines
>> from #1 can access #2 and S.C.
>>
>> I would like to know if it's possible to have #1 and #2 machines
>> route the traffic. Like all local traffic to the S.C goes to the S.C,
>> but any internet traffic goes through the gateway of their ISP, and
>> not the S.C as a VPN would do.
>
>
> Keep in mind that the term "VPN" is actually very generic, and the
> precise details of how the VPN acts with regard to routing encrypted or
> unencrypted traffic is implementation specific, and there are 
> frequently little knobs that can be turned to change those details.
>
> So the answers to your questions are "Yes" and "No".  Which question 
> is answered with "Yes" or "No" depends on *WHAT* you are going to use 
> to implement the VPN.  Are you going to use little firewall boxes, 
> like Netscreens, SonicWALLs, or PIXes?  CIPE?  OpenVPN?  IPsec? What 
> about Microsoft PPTP?
>
> The question you need to ask is "Will the VPN implementation I'm going 
> to use have the behavior I want?"
>
> Am I confusing enough yet? ;)
>
No, you're not confusing enough.

What's going on is a client has offices in three towns. Two of the 
towns are the #1 and #2, the third is S.C. At location S.C, there is a 
Windows fileserver that will be attached to the network, thus giving #1 
&& #2 access to it through the VPN. (Am I correct in thinking this?)

Also, VNC type of traffic will also be going through the VPN.

All 3 'vpn' boxes will be Linux based; I'm not sure of the software / 
features needed. Encryption, TLS, etc. are probably key.

-- 
~Shaughn
Network Administrator / Web Design
Ibusol Computer
1004 W Diers Ave Ste #310
Grand Island, NE 68803
http://www.ibusol.com
http://www.emosai.net


