    Hi all,

    I am a newbie to Zeroshell, IP and routing but I have a problem to solve:

    I have a head office and three branch offices.
    Each branch office has an ADSL line.
    The head office has three seperate ADSL lines (one line per branch office).

    I’d like to create a VPN which allows all the branch offices to simultaneously connect to the head office for a multipoint video conference.

    Assuming that each site connected to the main site multipoint conferencing unit needs it’s own bandwidth I seperate the main site links to allow each branch to connect at max speed.

    Should I create 3 seperate VPN links (headoffice to branch) using ADSL VPN modems and then bridge the 3 seperate VPNs together at the head office? Would I be looking at bridging ETH1 (VPN1), ETH2 (VPN2) and ETH3 (VPN3) to ETH0 (multipoint conferencing unit) to do this?

    If this is so would I be able to use an Alix box with a 4 ETH expansion card to achieve this?

    Or should I create individual VPN links with a Quad ADSL2+ modem card and individual IPSec tunnels to the branch VPN modems and then add these VPNs to the bridge?

    Any pointers would be appreciated.




    Either of those approaches would work but in your diagram you need to take a long hard look at your IP address scheme.


    Thanks vpn_rollercoaster for your comment to my posting for help.

    I really am a newbie to networking, and I have limited knowlege of of VPN’s, so I really do need a bit of assistance here.

    I guess I do need to look at my IP address scheme, but I do not know where to begin.

    In a LAN-LAN VPN using 2 Billion 7402R2 ADSL modems I can get video calls to work fine. This is because the video conferencing systems each have their ADSL modems as their default gateways. I am using a network range at the main site and at the remote site.

    In a multiple LAN-LAN VPN (as in my diagram) the main video conferencing system would need a default gateway again, and I though of giving it the address assigned to the bridge. Am I correct in thinking that? Will the bridge automatically send traffic down the correct leg to the remote site?

    I have scoured the web but cannot find any type of configuration close to the one I am trying to build.

    Thanks again



    If I understand your diagram, I would bridge the three LAN-LAN VPN in ZS (witch you have done).

    Make sure that the IP Address assigned to the Bridged VPN and the IP Addresses assigned to the Client Sites VPNs are in the same Subnet.

    Create Static Routs through the Bridged VPN and Vis Versa.

