Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
375
Views
0
Helpful
4
Replies

Can CVPN Client on an internal LAN establish tunnel to a 3015 Concentrator?

laimf
Level 1
Level 1

‎09-14-2003 07:38 PM - edited ‎03-09-2019 04:47 AM

Hi,

I have a concentrator connected to a router for encrypting data between the concentrator and the remote clients. On top of that, I wish to encrypt the data between some of the PC running cisco vpn client on the local LAN and the concentrator. So to create an end-to-end secure tunnel between the remote PC and the local LAN PCs. Is it possible?

Thanks alot.

Moh Fun.

Labels:
0 Helpful
4 Replies 4

drolemc
Level 6
Level 6

‎09-18-2003 11:56 AM

Though I have never tried it, I don't think it is possible to have the Client exchange encrypted data with the concentrator over the private interface and then send it over another IPSec tunnel to the peer router over the Public interface. However, you could try placing your users on the external interface.

0 Helpful

jcleary
Level 1
Level 1
In response to drolemc

‎10-07-2003 08:42 AM

I think only one of the interfaces can be described as Public and only the public interface can terminate tunnels

0 Helpful

jasobrown
Level 1
Level 1
In response to jcleary

‎10-07-2003 11:08 AM

This is actually a very interesting question. I would say that you should be able to do it but unfortunetly I don't have a 3005 to test with. Your post was quite some time ago where you able to test and verify your question?

Regards,

Jason

0 Helpful

laimf
Level 1
Level 1
In response to jasobrown

‎10-07-2003 05:44 PM

Hi all,

Thanks alot for your comments.. Unfortunately, I do not have a concentrator to test with.

If concentrator can only terminate tunnels on the public interface, and if we still wish to establish IPSec tunnel from within the LAN till the remote site. Could we do like this: 3002 Hardware client --> concentrator --> Router --> Remote clients with VPN clients? In this case, the hardware client will establish a tunnel to the concentrator, at the same time those remote vpn clients will establish tunnel to the concentrator?

As the concentrator can only terminate tunnels on the public interface, we will connect the hardware client public interface parallel to the concentrator public interface. Is that a possible setup or I'm making the design complicataed?

Thanks alot for the time & effort.

Have a nice day,

Moh Fun.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents