I have a dedicated T1 line that runs between my office and my data center. Both ends have public IP addresses.
On both ends, we have AdTran T1 routers which connect to SonicWall firewalls.
The SonicWalls do a site-to-site VPN and handle the network translation, so the computers on the office network (10.0.100.x) can access the servers in the rack (10.0.103.x).
So the question: can I just add a static route to the SonicWalls so each network can access each other with out the VPN? Are there security problems (such as, someone else adding the appropriate static route and being able to access either the office or the datacenter)? Is there another / better way to do it?
The reason I'm looking at this is because the T1 is already a pretty small pipe, and having the VPN overhead makes connectivity really slow.
--
Clarifications (thanks for the answers so far):
The stumbling block for me is that the T1 has a public IP address. If I set up a route on at the office that says "you can find the gateway for 10.0.103.0 at 200.X.Y.Z", can some dude on the internet also set up the same route and also be able to access my 10.0.103.0 network?
With the VPN, I know it's not possible because there are authorization protocols which prevent outside people from getting in.
Alternatively, I guess the question is "What is the correct way to route between two remote networks over a T1 line?"
The T1 in question has a physical endpoint in my office, and another physical endpoint somewhere at the datacenter, but again, the IP address is public.
I'm not concerned that the telco or datacenter people are sniffing my passwords (if they were, that would sure suck, but that situation is above my paranoia threshold :).