What Hardware to Bridge Two Networks over DSL?

Office 1 has DSL/Static IP in Dallas, Texas
Office 2 has DSL/Static IP in Fort Worth, Texas

I have set up a VPN using Linksys BEFSX41, but that requires that office 1 and office 2 be on a different subnet... The devices can ping each other across the network, but I would like them all to be on 192.168.2.xxx

So I'm wanting to BRIDGE the two LANS, right? I've heard that some VPN hardware has a "bridge" mode, but I can't find any hardware to do this. Please help.

Reply to
Ant Judy

Bridge mode is usually for PCs running VPN client software connecting to a VPN box.

Never seen a VPN setup that can bridge two networks together. In any case, that is generally NOT something you want to do. Trust me. You do NOT want all your netbios broadcasts eating up your DSL bandwidth.

VPN connections between nets SHOULD be routed, not bridged!

Is there some particular reason you need them bridged?

Reply to
T. Sean Weintz

In article , Ant Judy wrote:
:I have set up a VPN using Linksys BEFSX41, but that requires that
:office 1 and office 2 be on a different subnet...The devices can ping
:each other across the network, but I would like them all to be on
:192.168.2.xxx

Why? If they are bridged, then all broadcast traffic will have to cross the bridge. Broadcast traffic can include ARPs, NETBIOS, DHCP, ntp, and other fun things.

:So I'm wanting to BRIDGE the two LANS, right?

That would be the term.

: I've heard that some
:VPN hardware has a "bridge" mode, but I can't find any hardware to do
:this.

On the VPN side, try searching for "network extension mode" (e.g., the PIX 501 or 506/506E acting as a VPN client to an EzVPN server).

Note: you will not be able to do what you want using IPSec as the VPN. IPSec can operate in two modes, and in one of the modes the traffic is essentially bridged, but the RFCs for IPSec *define* that mode as being invalid for traffic through a security gateway (a device that is processing security on behalf of something else). The RFCs do allow that mode for traffic -to- the security gateway itself for the purpose of controlling the security gateway: for the purposes of such traffic, the security gateway is, de facto, a "security endpoint" and IPSec bridging is allowed between two security endpoints.

The device feature that you are looking for is sometimes called "remote bridging". "Remote bridging" in its original form is often only configurable over serial interfaces (point-to-point links.) Configuring remote bridging over the Internet usually requires encapsulating the packets for transmission, such as by using GRE (Generic Router Encapsulation).

If memory serves me, Cisco supports GRE on some models of their SOHO line, on their 800 series access devices, and on their 1700 series modular routers. (On the 1600 series too, but you would generally go for a 1700 series over a 1600 series.)

You mentioned DSL, but you did not happen to mention whether that was ADSL or SDSL (or other), and you did not happen to mention uplink and downlink speeds. One thing you really want to avoid happening when you are doing remote bridging is having a "master browser" elected on the far side of the link from the side that has a noticeably bigger population of hosts: if that happens, then all the NETBIOS resource looking and registration has to go over the uplink (which might only be 128 Kbit/s) to the other end. If the master browser is on the more populated side, then most of that NETBIOS traffic will stay local to that larger side.

Reply to
Walter Roberson

Thanks for the replies. The network extension mode and remote bridging terms have put me on the right path again.

It's just ADSL on the lines.

Reply to
Ant Judy
