[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  spiv007 <spiv007 at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] ipsec
 Date:  Wed, 17 Nov 2004 19:40:39 -0500 
On Wed, 17 Nov 2004 10:13:54 -0500, spiv007 <spiv007 at gmail dot com> wrote:
> I have 3 locations, 3 different network what is the best way to get
> all 3 sites to see each other?
> 
> So far Im using ipsec  like this;     net3
>                                                     /       \
>                                                  net1    net2
> 
> then once that is done i was thinking to route the traffice from net1
> to net2 thru net3 and net2 goes through net3 to get to net1.
> 
> I guess i could get connect net1 and net together via ipsec.
> 

A full mesh here is definitely the best solution (i.e. connect net1
and net2 directly).  You really want to avoid routing it over VPN back
over VPN again, since that'll double your latency and waste bandwidth
at net3's site.  Not to mention it'll be easier to set up that way.

-Chris