3002 hwclient on a stick config

Unanswered Question
Dec 9th, 2005
User Badges:

is it possible to use the 3002 hwclient in a 'on a stick' configuration ?


i would like to deploy a 3002 in a small network (and use the 3002 to connect clients to a remote server)


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jackko Fri, 12/09/2005 - 17:56
User Badges:
  • Gold, 750 points or more

please excuse me for misunderstanding.


you mentioned "on a stick" configuration, just wondering if you are referring to tunneling everything from the hwclient to the vpn server; or vpn client to the hwclient and then redirect to the internet.


the first assumption is totally depends on the vpn server, it is feasible with router, and pix v7.


the second assumption is not feasible as i guess hwclient doesn't support connection from vpn client software.

stephanvanhienen Fri, 12/09/2005 - 18:33
User Badges:

maybe i misunderstand 'on a stick'

i thought this was meaning only 1 network interface connected


but ok what i want :



[adsl router]

|

[ 10/100 switch ]

| | | |

[A] [B] [C] [3002]


A,B and C are client pc's


i want to connect the 3002 to in the same segment(/vlan) and just add some static routes on the clients who need to access the server (where the 3002 is connecting to)


is this possible ? (or should i connect both the public and private interfaces in the same subnet?)


btw the 3002 is connecting to a remote 3020


jackko Fri, 12/09/2005 - 19:18
User Badges:
  • Gold, 750 points or more

it would be better if you deploy the 3002 directly connected to the adsl router, and implement individual user authentication.


e.g.

www <--> adsl router <--> 3002 <--> switch <--> vlan


with this scenario, users from all vlans need to perform an user authentication via http before the traffic will be sent via the vpn tunnel. thus you don't have to confiure a static route manually.

stephanvanhienen Sat, 12/10/2005 - 01:53
User Badges:

Jackko ,


i know this is the best way to deploy the 3002, but i prefer to have a backup solution in case our client doesn't want to change the whole network setup

so i wonder if it's possible to put the 3002 in the same vlan and only use interface ?

Actions

This Discussion