[pptp-server] Lan to Lan/Linux to Linux vpn connection

[Cowles, Steve]

> -----Original Message-----
> From: John Vaughan [mailto:jvaughan at maad.com]
> Sent: Friday, April 27, 2001 2:58 PM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] Lan to Lan/Linux to Linux vpn connection
> 
> 
> Hello
> 
> Was wondering if anyone knew how or where to get specific 
> information on a lan to lan connection using two linux boxes.
> 
> Our situation:
> 
> We have a primary office running a Linux Redhat 6.2 distro with
> 2.2.16 kernel.  This is setup to allow VPN connections from
> windows laptops and home users.  Works fine.
> 
> We have a secondary office in another state.  This office has 
> a Linux Redhat 6.2 distro with 2.2.16 kernel also.  This is setup
> to allow VPN connections from the laptop and home users wanting
> to access that office.  Works fine.
> 
> What we want to do is configure the Linux boxes so the people 
> in the smaller office will have an always on VPN connection to
> the main office.  Right now we just want the smaller office to
> be able to get onto the larger office lan and not vice-versa.
> 
> Anyone have any ideas on how to accomplish this???
> 
> thanks

If your open to new ideas, try using IPSEC for your lan-to-lan tunnels and
stay with using pptp for your host-to-lan tunnels (road warriors). You can
run both concurrently.

Checkout: http://www.freeswan.org for FreeS/WAN ipsec source code and
http://jixen.tripod.com for some very good examples on how to setup a
lan-to-lan VPN using IPSEC.

If you must continue using PPTP, then you will need to download the pptp
client at http://cag.lcs.mit.edu/~cananian/Projects/PPTP and then establish
a PPTP tunnel between your two linux boxes at each office. Then manually add
the appropriate network routes for each LAN. The only thing I can think of
to block two way traffic across the lan-to-lan tunnel would be to use
ipchain rules to allow small office to large office traffic only.

Steve Cowles