Cisco Support Community
Community Member

advice on VPN solution

Hi all,

Our company is looking to add a VPN solution to our existing network. This is my first time designing a VPN solution and I am asking for some input.

Currently, we have hub-spoke FR network goes to the corporate office. 10 FR circuits go to other branch offices and one Cisco 2501 in the middle of all these.

/ Frame Relay/---2501----

Proposed VPN solution:

1- add Cisco PIX (firewall)

2- add Cisco VPN concentrator (for single or site to site vpn connections)

3- add Cisco 3600 and replace 2501 with 2601

/Frame Relay/------------------------|



/Internet/---2601---PIX---|--------3640-----------(corporate servers)


|----cisco VPN 3015 concentrator

Below are the questions I have:

1- Which one is better in term of configuration, performance and security? Use PIX, VPN concentrator or router with VPN bundle to setup VPN connections.

2- Initially, we will have 20 VPN clients but slowly we will be moving FR circuits or add more VPN site to site connections to this network. I could see it goes up to 200 concurrent users eventually. Which Cisco VPN concentrator should I get?

3- Does the solution seem a good vpn solution?

4- For those with VPN experience, any recommendations?

Appreciate the help,



Re: advice on VPN solution

It basically depends on the traffic load of your network, if the load is going to be heavy better go for equipments that will handle such traffic levels. VPN 3015 supports 100 concurrent IPSec users only so better go for Concentrator 3030, for more details go through, I don't think 3005 supports 200, hence asking you to go for 3030.

CreatePlease to create content