diff --git a/SSH-VPN-VNC/README.md b/SSH-VPN-VNC/README.md
index 1115acf2a61103ef6981a03f3ed2652f06dac9d3..ca86386f5bff8e555bbf27e812bb4362dfb2c867 100644
--- a/SSH-VPN-VNC/README.md
+++ b/SSH-VPN-VNC/README.md
@@ -188,10 +188,20 @@ Todo add infos on `ssh-agent`
# Q: How to transfer files between two VPN networks?
-You should be able to use an SSH tunnel.
+You should be able to use an SSH tunnel via a gateway server
-Assuming you're trying to transfer a file from a remote computer ("remote") to your local computer ("local"),
-establish the tunnel via the third computer ("gateway") by typing this on your local computer:
+Situation
+```
+ VPN-1 VPN-2
+__________ /| ___________ /| __________
+| local | | | | gateway | | | | remote |
+| |---| |----<>------ | Firewall | |
+| | Firewall | \---<>-----| |---------| |
+__________ | | ___________ | | __________
+ |/ |/
+```
+Assuming you're trying to transfer a file from/to a remote computer ("remote") from/to your local computer ("local"),
+establish a tunnel via a third computer ("gateway") by typing this on your local computer:
```bash
$ ssh -fNL 12345:remote:22 gatewaylogin@gateway
@@ -199,13 +209,17 @@ $ ssh -fNL 12345:remote:22 gatewaylogin@gateway
Then you can run an unlimited amount of SCP commands on this tunnel (still typing on your local computer):
```bash
+# scp [SRC] [DEST]
$ scp -P 12345 remotelogin@localhost://path/to/remote/file /local/path/where/you/want/file
```
another option is to use `rsync` with a gateway command:
```bash
+# rsync [SRC] [DEST]
$ rsync -avz -r --stats --progress -e "ssh gateway ssh" remote:/src/documents/ /dest/documents
```
+**Note: key-based authentication is required from the gateway to the remote server using rsync.**
+Initial testing showed that using key-based authentication between gateway and remote is required.
# Q: How to connect to Jet, SRVX8, SRVX2?