From: Erich T. <eri...@th...> - 2008-02-29 13:44:04
josh wrote:
> Erich,
>
> On 2/29/08, Erich Titl <eri...@th...> wrote:
> [snip]
>
>> Why, if you NAT the incoming connection then each packet gets as source
>> address the internal address of the T1000 that translated it, so the
>> route back is known. Just NAT the connections coming through the tunnel.
>
> Wow OK that's a great idea...so simple :) That's a great suggestion,
> let me see if that will work based on the network infrastructure that
> we have there (this is for a client, so I don't have full access to
> anything except the OpenVPN servers)

As long as the client opens the connection it _should_ work. Mind you,
that is the way a typical user's address is found for _any_ service on
the internet (I doubt there are many users on DSL or Cable without a NAT
device). Your NAT software may need helpers for protocols like ftp, etc.

Erich