by cat199 3158 days ago
Umm. No.

Want to connect 2 LANs together and have full protocol binding and internal DNS support without mucking with 65535*N-nodes port forwardings?

yeah.

not to mention 'vpn' isn't a product..

so your entire notion of 'making money out of it' makes no sense.

as for commercial: OpenVPN is great, free, and fairly simple to use.


While it’s not the right tool for the job, it is possible to connect two networks together using SSH as the secure transport. Many (most?) good network folks will recoil in horror though about tunneling TCP inside TCP.

Re Full network: How? Without additional software, e.g. ppp+socat+ssh along with TUN/TAP or similar, or running a nonstandard SSH client/server and having various nonstandard utilities on both ends, which imho obviates OP's claim of SSH 'simplicity'/'ubiquity'..

TCP/TCP is another point.. and a good one, yes.

> Re Full network: How?

These articles explain the concept, but it takes nothing but SSH & Linux (albeit it can work on macOS too with additional software):

https://wiki.archlinux.org/index.php/VPN_over_SSH

https://debian-administration.org/article/539/Setting_up_a_L...

http://sgros.blogspot.com/2011/11/ssh-tap-tunnels-using-rout...

I've seen it done before where it was fully transparent to both networks. This required the tunnel to be set up on the default gateway for both networks. Again, as mentioned before and you agreed too, this is not a solution I would ever want to see in production for a company I was at.

> which imho obviates OP's claim of SSH 'simplicity'/'ubiquity'

Which I agree, it isn't simple, but I was replying to someone saying it wasn't possible, not that it is easy to do.