[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Multiple LAN's through one vpn

On Fri, Mar 10, 2006 at 10:20:05AM +0100, Sturla Holm Hansen wrote:
> I have 5 customers in 1 building sharing 1 SHDSL-line, each of them have 
> their own router behind the main router to segment the net and now they 
> want VPN.

What do they want it for? What OSes will be connecting? 

> The problem is that they should not have access to each others LAN, just 
> their own, so I have to figure out a way to determine what network they 
> should have access to by checking what login they use on the VPN.
> I know that multiple external IP's would solve the problem, but that's 
> not an option.

Would be the simplest solution, yes. 

> So could I set up a Linux VPN-server that has different routes for 
> different logins?

Yes, you can. Using Openswan it is possible to restrict a connection
with "leftsubnet=$IP_RANGE". Furthermore, you may execute scripts when
starting the connection and thereby adapting your firewalling rules. 
There is also a patch which provides the vpn'ed hosts with a local
IP-Address, you might be able to use this to restrict the connection
further. Depending on your situation, there might be many other options. 

> Any sollutions would be much appreciated :)

As stated, a solution depends heavily on your situation. 



I am Deutsche Bahn AG of BORG.
Your time will be wasted. Fahrpläne are futile.

Attachment: signature.asc
Description: Digital signature

Reply to: