From: am@am.am   
      
   Sorry guys,   
      
   maybe the question has been already posted but I would like to clearly   
   distinguish whether the following scenario could   
   accept both the solutions or I need without no doubts the LAN-to-LAN.   
      
   Imagine you have 2 LANs or 2 groups of LANs (say A that offers services and   
   the other one (B) that access A resources)   
   located behind 2 devices doing NAT: it is quite simple, that's the most common   
   scenario.   
      
   Would be possible to use software clients installed on workstations belonging   
   to network B accessing the same endpoint   
   (the public endpoint of A LAN) using IPsec?   
   I don't think so because IPsec uses UDP 500 port as the source port and   
   traffic coming from the same public IP will have   
   packets authenticated in different manners. So the A endpoint will think that   
   some one is trying to substitute to the   
   first endpoint that initiated the tunnel.   
      
   Please, tell me whether my idea is wrong or not. We have been giving services   
   to our customers and we have been facing   
   their lack of understanding on the reason we want to install routers at their   
   site (if they don't have any devices that   
   permit to build a VPN or they haven't the knowledge to do that) when they have   
   more than one workstation that needs to   
   access our resources.   
      
   I apologize for my English but if you have some documents that explains what I   
   wrote about reporting why someone needs   
   to have a LAN to LAN scenario instead of a lot of software clients I shall   
   really appreciate it.   
      
   Many thanks   
      
   Alex.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)