On Mon, 10 Jan 2005 12:01:32 -0700, Kevin Fries <Kevin@xxxxxxxxx> wrote:
[snip]
> OK, maybe I am simplifying things a bit more than I should be, so let me
> ask:
>
> My conceptual understanding of VPN was that computerA needs access to
> NetworkB as if it were located on the physical network even though it is
> somewhere else. ComputerA contacts NetworkB which assigns ServerC to
> act as a proxy. All traffic destined for NetworkB from ComputerA is
> sent from A->C, ServerC retransmits the request, receives the answer,
> then relays it back C->A. This allows A to appear to be on the network.
> If ServerC was to manage up to 10 VPN connections, it would need 10 or
> 11 (if it also had other duties as itself) IP addresses with each remote
> client having a unique IP.

A VPN is using a shared media to create a private connection. This
could be bridged or routed.

> Now I can see how that could appear as a goofy type of router or more
> specifically a bridge. It's actually more of a proxy, but at a basic
> level all proxies are actually routers. And a bridge is simply a router
> where the network address is the same on both sides.
>
> When they were talking about bridging, I assumed that they were talking
> about the proxy. So when you talk about how you avoid bridging, how is
> my understanding of VPNs shortsighted? What other options are there?

If you don't control the routing then I would use TUN (Routing) and
NAT to bypass any internal routing issues.

--
Leonard Isham, CISSP
Ostendo non ostento.