This is kind of complicated... or not, I am not sure yet. I have an isolated non-internet network (LAN2) that I use at work for data security. I have a sponsor who would like access to said network (LAN2) after VPN'ing into our primary work network (LAN1). I was originally thinking of using a second VPN so that the traffic between my VPN server on LAN2 was encrypted all the way back to the LAN1 VPN server, which would encrypt the traffic all the way to my sponsor. Basically I am trying to bridge two networks, but I need some sort of safety to prevent any eavesdroppers. Can anyone think of a better way to do this? Thanks!

  • Poor question. You're talking about connecting an air-gapped network; it's kind of a contradiction. Really you want to firewall LAN2 so that only one source can connect.
    – Linef4ult
    Commented Oct 29, 2015 at 12:27
  • Yeah, I don't like the idea of doing it, but it's their secure data and they pay the bills. I'd rather say, "no, I don't want to compromise the network," but I cannot. :/ Are you suggesting adding a physical firewall between and connecting the two networks that way? Commented Oct 29, 2015 at 12:44
  • @RickWilliams - The network is isolated from the internet for a reason. Are you in a position to even make this decision to allow this remote access? Technically speaking this remote user would have to connect to a VPN connected to LAN2 not LAN1 since LAN1 and LAN2 are isolated from one another. If LAN1 already has a VPN server then technically it isn't an isolated network to begin with. I strongly suggest you make sure you have authorization to allow this sponsor to have access to this isolated network.
    – Ramhound
    Commented Oct 29, 2015 at 13:01
  • It's (LAN2) my network to compromise. My computers, my switches, my cabling. LAN1 is my work network, whereas LAN2 is my isolated network. I have to VPN in to LAN1 through the company's server in order to even see a second VPN server that would be connected to LAN2. There is no VPN server on LAN2 (yet), so they are isolated. I would need to create a single connection to LAN2 in order to give them access, at which point it would no longer be isolated completely. Commented Oct 29, 2015 at 13:46

1 Answer

You can also set up an IPsec LAN-to-LAN tunnel between LAN1 and LAN2. You can use strongSwan or Openswan.

  • I've never heard of either of these, I'll look into it, thanks! Commented Oct 29, 2015 at 12:47
  • The setup is relatively easy.
    – dseira
    Commented Oct 29, 2015 at 17:10
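
A sketch of the LAN-to-LAN tunnel suggested in the answer, written in strongSwan's swanctl.conf format for the gateway on the LAN2 side, with the traffic selectors narrowed to one host on each side as the first comment recommends. This is an added example, not from the original answer; every address, identity and file name in it is a constructed placeholder.

```conf
# /etc/swanctl/swanctl.conf on the LAN2 gateway (all values are placeholders)
connections {
    lan1-to-lan2 {
        version = 2                      # IKEv2 only
        local_addrs  = 192.0.2.2         # LAN2 gateway, interface facing LAN1
        remote_addrs = 192.0.2.1         # LAN1 VPN server
        proposals = aes256gcm16-prfsha384-ecp384

        local {
            auth = pubkey
            certs = lan2-gw.pem          # certificate file under /etc/swanctl/x509
            id = lan2-gw.example
        }
        remote {
            auth = pubkey
            id = lan1-gw.example         # only this peer identity is accepted
        }

        children {
            sponsor-access {
                # Negotiate a tunnel for exactly one LAN2 host and one LAN1
                # source address, not the whole subnets.
                local_ts  = 10.2.0.10/32     # the single LAN2 host the sponsor needs
                remote_ts = 10.1.0.50/32     # the address the sponsor has on LAN1
                esp_proposals = aes256gcm16-ecp384
                start_action = trap          # bring the tunnel up on matching traffic
                dpd_action = restart
            }
        }
    }
}
```

The traffic selectors only limit what the tunnel will carry; a packet filter on the LAN2 gateway is still needed to drop anything that arrives outside the tunnel.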
