Multiple VPN Connections?

DLaws at vdsinc.com DLaws at vdsinc.com
Tue Feb 8 09:21:38 EST 2005 

Thanks for the previous reply.

I am a newcomer to using VPN an any environment other that the Windows 
desktop, so please forgive my ignorance.

Assume we are talking about IPSec VPN connections that may be from 
different, non-interoperable VPN solution vendors.  Also assume we are 
using non-public IP address (10.x.x.x) in our productions environment and 
that this is also the case on the remote networks.  In short, assume all 
the worst possible conditions and that we have no control over the remote 
networks.

What are the essential steps/components to establishing and maintaining 
multiple client VPN connections on a Windows host that is functioning as 
an Apache-Tomcat web application server with applications that need 
real-time access to database servers on the remote networks?

Do we need to go to each VPN solution vendor for client side software?

Do we need gateway hardware/software that will provide connection 
isolation and address translation?

Can you recommend good sources for further research on these or other 
questions?

Thanks in advance for your help,
Dennis Laws


ncsa-discussion-bounces at ncsysadmin.org wrote on 02/08/2005 07:01:53 AM:

> > I am running a Apache-Tomcat web server in on a Window host in a
> > production environment.  I want to run multiple instances of a web
> > application that needs to connect to multiple remote database servers, 
to
> > perform real-time query and update, over VPN connections.  Is it 
feasible
> > and practical to maintain multiple VPN connections?
> 
> You can run as many VPN connections as you want. Well practically there 
is 
> this limitation of limited IP numbers, but hey, who is complaining ;)
> 
> I would suggest however to:
> 
> 1. Look into running the app on Linux.
> 2. Use SSH tunnel.
> 
> If you can't do that and you have to go with VPN I assume you are 
talking 
> something like IPSec and not something like PPTP?
> 
> In case of VPN I would sugest you do limit the encryption domains to the 

> minimum and use public IP space for it as well. This will ensure you 
don't 
> end up with two incompatible encryption domains if you are running 
private 
> IP address space.
> 
> Sincerely,
>       Iztok 
> 
> _______________________________________________
> ncsa-discussion mailing list
> ncsa-discussion at ncsysadmin.org
> http://www.ncsysadmin.org/mailman/listinfo/ncsa-discussion

More information about the ncsa-discussion mailing list