Do you want outside access to internal networks via VPN, or do you want district x to be able to see things inside district y via a tunnel? or both? We need to know a bit more about what your trying to do, but it is most certainly possible with IPSec and some routing. -----Original Message----- From: tclug-list-bounces at mn-linux.org [mailto:tclug-list-bounces at mn-linux.org] On Behalf Of Raymond Norton Sent: Tuesday, February 03, 2004 9:26 AM To: tclug-list at mn-linux.org Subject: [TCLUG] is there such an animal I run a large wan for 18 school districts. Each has a few public IP's on their router and Nat 10.x, or 172.x private addresses . I am getting request to allow vpns to each school's local network, which I am not against, but I want full control of what can and cannot be done. A vpn from a single workstation connected to the schools LAN is not a big deal to set up, but I would like to set up a server inside the WAN that users would have to authenticate to, and then send them on to their destination. This would require some sort of vpn to all the schools from this server. Is this something that can be done, or do we need to do a point A to B setup rather than A to B to C? Raymond _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list