Thanks for the idea. Actually we are running leased lines from the branches to our head office. The ATM terminals are Windows XP based and connected to a LAN switch and a WAN router. Would you suggest installing a Cisco VPN client that would connect to our head office firewall?
Actually, the devices on the LAN switch would be workstations of the tellers, staffs, manager and also the ATM. I am afraid of someone deliberately installing wireless access points just to have WiFi. I guess I have to shut all unused ports and get a notification if they are turned on.
Yes I guess VPN on the WAN router is also good. I will study the link you referred above and see if it is doable.
My problem now is how to maintain the updates on the ATM devices...got to think again.
Are you encrypting all your branch traffic? Since you have a private line circuit, IPSEC VPNs for your ATMs may not be necessary. PIN transmission is already encrypted from the ATM to the switching host.
We use ACLs on switch ports and routers to restrict traffic to ATMs, but do not use VPNs.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...