Multiple VPN Connections?
DLaws at vdsinc.com
DLaws at vdsinc.com
Tue Feb 8 09:21:38 EST 2005
Thanks for the previous reply.
I am a newcomer to using VPN an any environment other that the Windows
desktop, so please forgive my ignorance.
Assume we are talking about IPSec VPN connections that may be from
different, non-interoperable VPN solution vendors. Also assume we are
using non-public IP address (10.x.x.x) in our productions environment and
that this is also the case on the remote networks. In short, assume all
the worst possible conditions and that we have no control over the remote
networks.
What are the essential steps/components to establishing and maintaining
multiple client VPN connections on a Windows host that is functioning as
an Apache-Tomcat web application server with applications that need
real-time access to database servers on the remote networks?
Do we need to go to each VPN solution vendor for client side software?
Do we need gateway hardware/software that will provide connection
isolation and address translation?
Can you recommend good sources for further research on these or other
questions?
Thanks in advance for your help,
Dennis Laws
ncsa-discussion-bounces at ncsysadmin.org wrote on 02/08/2005 07:01:53 AM:
> > I am running a Apache-Tomcat web server in on a Window host in a
> > production environment. I want to run multiple instances of a web
> > application that needs to connect to multiple remote database servers,
to
> > perform real-time query and update, over VPN connections. Is it
feasible
> > and practical to maintain multiple VPN connections?
>
> You can run as many VPN connections as you want. Well practically there
is
> this limitation of limited IP numbers, but hey, who is complaining ;)
>
> I would suggest however to:
>
> 1. Look into running the app on Linux.
> 2. Use SSH tunnel.
>
> If you can't do that and you have to go with VPN I assume you are
talking
> something like IPSec and not something like PPTP?
>
> In case of VPN I would sugest you do limit the encryption domains to the
> minimum and use public IP space for it as well. This will ensure you
don't
> end up with two incompatible encryption domains if you are running
private
> IP address space.
>
> Sincerely,
> Iztok
>
> _______________________________________________
> ncsa-discussion mailing list
> ncsa-discussion at ncsysadmin.org
> http://www.ncsysadmin.org/mailman/listinfo/ncsa-discussion
More information about the ncsa-discussion
mailing list