-------- Original Message --------
> Hello list!
> Me and my friend got two private LANs with some Gentoo boxes. We'd like
> to connect these two networks over a VPN connection. So that the machines
> from both networks are virtually on the same subnet (10.0.0.x).
> The situation is this:
> LAN A (mine) connected to a 2 mbit/s cable line
> - 192.168.1.1: m0n0
> - 8x gentoo boxes
> LAN B (my friend's) connected to a 1,2 mbit/s ADSL line
> - 192.168.1.1: gentoo router
> - 4x gentoo boxes
> We don't want every request that is sent to go to the other gateway,
> as is the case with PPTP VPN. The gateway should be on both sides
> It'd be good if the routers could make one connection to the other
> router, so that not every client on both LANs needs to open a VPN
> We also want to access the VPN from school. At that place there is a
> firewall which blocks all traffic except TCP80/443. So we want a VPN
> server listening on port 443 at LAN A, because there is more upstream.
> Now is this concept good?
> Which VPN method should we use? OpenVPN or IPSec?
I would set up an OpenVPN server on m0n0wall (site A) and configure LAN B's
gateway as an OpenVPN client. You'll be able to connect to A from a
standalone OpenVPN client installed at school, too.
I don't really understand why/what you want to do with your networks,
but to be short: if there is no need to have all hosts on one
(virtual) network segment, use TUN. In that case, you'll have to
re-number one of your two LANs so that they use different IP address
schemes (if not, routing will be *broken*). If you absolutely *need* to
make both A and B subnets appear as one (virtual) network segment, use TAP.
Take a look at the available docs on the OpenVPN site and search for
configuration examples (case studies).
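
Added example, not part of the original reply: a Python pre-flight check for the routed (TUN) case, showing why two LANs on the same prefix cannot be routed to each other and what a renumbered plan looks like. The /24 prefix lengths, the 10.0.0.0/24 tunnel subnet, the 192.168.0.0/16 replacement pool and all function names are assumptions.

```python
import ipaddress

# Constructed from the thread: both gateways sit at 192.168.1.1.
# The /24 masks and the tunnel subnet are assumptions.
SITES = {"LAN A": "192.168.1.0/24", "LAN B": "192.168.1.0/24"}
TUNNEL = "10.0.0.0/24"


def find_conflicts(sites, tunnel):
    """Return name pairs whose prefixes overlap; any hit breaks routed mode."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    nets["tunnel"] = ipaddress.ip_network(tunnel)
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


def suggest_renumber(sites, tunnel, pool="192.168.0.0/16"):
    """Keep the first site on each prefix; move a colliding site to the
    first free subnet of the same size taken from the (assumed) pool."""
    used = [ipaddress.ip_network(tunnel)]
    plan = {}
    for name, cidr in sites.items():
        net = ipaddress.ip_network(cidr)
        if any(net.overlaps(u) for u in used):
            candidates = ipaddress.ip_network(pool).subnets(new_prefix=net.prefixlen)
            net = next(c for c in candidates
                       if not any(c.overlaps(u) for u in used))
        used.append(net)
        plan[name] = str(net)
    return plan


def routes_for(plan):
    """Remote prefixes each site's gateway must send into the tunnel."""
    return {name: [p for other, p in plan.items() if other != name]
            for name in plan}


if __name__ == "__main__":
    print("conflicts:", find_conflicts(SITES, TUNNEL))
    plan = suggest_renumber(SITES, TUNNEL)
    print("plan:", plan)
    print("routes:", routes_for(plan))
```
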