06-28-2007 09:35 AM - edited 02-21-2020 03:07 PM
I have a vendor who needs to run his pharmacy robot network in a private IP space. The server in this network is a Windows 2003 server with 10 Windows XP Pro clients. Our network is a large AD2K forrest but is behind a firewall. All servers are Windows 2003 and all clients are Windows XP Pro with personal firewall activated and centrally managed.
Here's the question. To separate the robot network from our network but allow bidirection traffic between it and one server sitting on our network require just one VPN appliance that would essentially do a NAT or two VPN appliances - one sitting at our server and one sitting on the edge of the robotic network?
What is the best solution for network isolation but allowing the one server to talk to the robotic network?
07-04-2007 07:22 AM
Network address translation will be the best solution in this regard
07-04-2007 07:46 AM
Hi,
I assume your topology would be similar to this
(robot network)----(Internet)-----(your network)
There are two possiblities:
case 1:
-------
*Install a VPN gateway at each end-point of
the network.
*Use this option when you have got server's installed in both the places and want's to acess form both direction
*This is called site-to-site VPN
case 2:
-------
*Install a vpn gateway at one end-point where you have installed server.
*use this option where you have got server installed in only one end-point and you initiate connection form only one direction.
*This is called Remote-Access VPN.
Hope it will help you a bit.
--Jaffer
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: