I have a request from Fleet support users to open up UDP 500/10000 for IPSEC access from a Banks VPN Dialer Software (using Cisco VPN Client Software and SofToken II), to connect to this bank's VPN Concentrator. My question is is there a way I can configure my local 3030 Concentrator so the user can log in local to TxDOT's concentrator and connect to this banks's concentrator so I will have better internal Security. I haven't been able to talk with the banks Network person yet, but I'd assume they may hesitate to allow a LAN-LAN VPN connection.
Therefore, any suggestion on configurations on how to use my :Local Concentrator as a relay between the VPN client software and the banks' Concentrator. Any hints/tips/advice is greatly appreciated.
Ok, that helps, but if the bank is hesitant about doing the LAN-2-LAN VPN, is there a way I can "proxy" my 3030 as the client, and have my user login to my Concentrator to connect to the bank. All the user does once the VPN is connected is TN3270 (port 23) to the bank's mainframe. Any ideas?
I am afraid it is not possible. Unless you have a LAN-LAN setup which can be used to route the traffic over to the banks' VPN3K.
The Bank folks can lockdown (if needed) the ports with which you connect via LAN-LAN and allow only TN3270 session through, while at the same time clients connecting to your VPN3K can aslo be restricted to be allowed TN3270 traffic using filter on the group.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :