Securing dark fibre
Hello,
we have 2 offices which are connected with optic fibre. The connection is direct, not via Internet - dark fibre. We want all the computers from both offices to be in one LAN without routing and VPNs. But also if some one cuts the fibre and puts a media converter between, he will be able to access both ends of the fibre. For sure this will break the connection between offices, but still we think this is a security issue. Is there relatively simple way to make sure that to both sides of the fibre are connected my machines, but not someone else? Thank you in advance |
Dark Fiber is the responsibility of the company you are leasing it from. There is no real way to ensure that someone doesn't cut the fiber. Should it drop for what ever reason you should contact the fiber provider and have them check the cable anyway.
As to is there a way to check this? You could get a light reading when you first light it up then you have a base line. Should anything be added the reading will change. |
It sounds like you want a bridging VPN.
Take a look at this: https://openvpn.net/index.php/open-s...-bridging.html |
A vpn of some kind.
The endpoints may have a vpn in it already. |
We made it with L2TP IPSec connection and between L2TP interfaces we made EoIP tunnel. Works fine, but requires relatively powerful hardware for encrypting/decrypting the gigabite connection. We will use 9 core CPU Mikrotiks on both sides.
|
Thanks for the update and solution.
|
All times are GMT -5. The time now is 09:20 AM. |