<div dir="ltr">It is common that the VPN provider policy *prevents* you from connecting to multiple networks (theirs and someone else's). The logic behind it is to prevent data leak, especially accidental, by combining somehow their network with someone else's.<div>
<br></div><div>So - this poses no problem to be dealt with. The common problem is that your local home network overlaps one of the organization's networks. Some of the VPN clients place themselves in the network interface stack, so they hijack the packets to their correct destination(s). That is the common reason (except for time and effort) that Linux clients are more rare. This operation is somewhat more complicated there, and would require root access. Fortigate VPN client (SSL VPN) does that. Juniper java SSL VPN does that. CP SSL VPN client (snx) does that. Theoretically, for the client-connect (office-connect, for previous versions of Checkpoint) you would be able to use some implementation of *SWAN (freeswan, openswan, something swan), but this is a very complicated setup, which requires noticeable effort on your side, and, on some cases, requires the VPN server owner to perform actions which negate the famous Etzion's principle of "minimum effort, minimum energy", so it would probably never happen.</div>
<div><br></div><div>Ez<br><br><div class="gmail_quote">2011/3/20 Elazar Leibovich <span dir="ltr"><<a href="mailto:elazarl@gmail.com">elazarl@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div dir="ltr"><div class="gmail_quote"><div class="im">On Sun, Mar 20, 2011 at 9:54 PM, Shachar Shemesh <span dir="ltr"><<a href="mailto:shachar@shemesh.biz" target="_blank">shachar@shemesh.biz</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><br></div><div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On another side note, what does it do if I'm having a 192.168.4.* internal network?<br>
</blockquote></div>
Then you are @!#*%!@#$@!)(!@#&%@#! !@(%!@#()#!@$!@%#.</blockquote><div><br></div></div><div>Wow, I'm not sure I know any adjective that long in English ;-) </div><div class="im"><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
VPN is designed to connect disparaged networks as if they are close together.</blockquote><div><br></div></div><div>Yeah, but as your probably know, VPN is used in practice to connect to your workstation from your laptop, and for this use case, you might want to connect to two VPNs which unfortunately share the same internal network address. I don't think that makes you an idiot.</div>
<div><br></div><div>And VPN solution could offer NAT, in fact a shallow Google search[1] offers exactly the same solution.</div><div><br></div><div>Is there something I'm missing here?</div><div><br></div><div>[1] <a href="http://nimlabs.org/~nim/dirtynat.html" target="_blank">http://nimlabs.org/~nim/dirtynat.html</a></div>
<div><br></div></div></div>
<br>_______________________________________________<br>
Linux-il mailing list<br>
<a href="mailto:Linux-il@cs.huji.ac.il">Linux-il@cs.huji.ac.il</a><br>
<a href="http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il" target="_blank">http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il</a><br>
<br></blockquote></div><br></div></div>