If we knew more about what you are trying to accomplish we could give better advice. I am especially interested in knowing how you plan to use the VPN. Where will the VPN terminate? When you talk about VPN service provided by the service provider I am not clear whether you mean VPN from your network terminated at the service provider or VPN from your network terminated at some other destination.
I will also add that in my experience I do not see many organizations doing VPN over dialup modem. Most that I have experience with are doing VPN using DSL, cable modem broadband services rather than dialup modem.
If you can explain a bit more we might be able to give better advice.
Thanks for the prompt reply. I have attach the diagram for the layout of my network. Outlet #1 is the main office and the rest of the outlet will be connected to outlet #1. The rest of the outlets are around 150 km from the main office. What is the best way that i can use to connect the rest of the outlet to the main office ?? For the time being, i thought of connecting the router from the individual outlet to the main router on the main office. what are the recommended router, firewall and modem that i can use ??
you mentioned, "The rest of the outlets are around 150 km from the main office. What is the best way that i can use to connect the rest of the outlet to the main office?". however, according to the jpg, all other outlets are connected to outlet #1 already. so just wondering whether they are already connected and looking forward to change the architecture; or they are not yet connected.
for the main office, i would suggest a pix515e or asa as a proper dmz should be maintained for the servers such as web server. from the jpg, the dmz seems to be created by vlan.
for all other outlets, it depends on the type of connection. e.g. with xdsl, there are two choices; one is a all-in-one router that has a xdsl interface and supports ipsec, so that you can setup lan-lan vpn back to the main office; and two is to utilise the xdsl modem provided by the isp and deploy a pix for each outlet, however, this option should only be considered if the isp is going to provide xdsl modem.
personally, i would use a pix whenever it's possible, as i feel that pix is better in terms of handling ipsec, and especially there is not much routing involved between the outlets.
for the existing network, all the outlets are connected via ISDN line. So security is the issue for the existing network. Now i am looking at new services that allow me to connect to the main office. I am considering leased line service or IP VPN service offer by my ISP. The main office will be connected to the internet via IP VPN service. If i am using lease line to connect the outlets to the main office, i do not need to have individual firewall eg PIX on each outlet. Since IP VPN go through internet, if i am using the service, i need to deploy individual firewall for each of the outlet.
the xdsl that u mention, does it connect to the internet first before going to the main office or it is a leased line that connects directly to the office router ?
what are the cisco xdsl all in one router that support VPN ?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...