07-22-2002 02:55 AM - edited 02-21-2020 11:56 AM
We are looking to establish a external VPN network environment and still keep our internal Frame Relay network up. We have all Cisco 2600 routers at each internal remote location. With this new external VPN network, we want to allow only certain connections to our main internal site and block traffic to our other internal remote sites. What equipment do you think would handle this VPN security and management the best? Any advice would be appreciated.
Thanks, Robbie
07-22-2002 04:04 PM
Routers with ipsec image handle the lan to lan scenario best. If you would be doing remote access vpn, the vpn3000 handles that best. If you need firewalling besides the vpn, the firewall could also perform vpn.
the best thing to do would be to contact your local Cisco Systems Engineer for a design plan that would suite your requirement best.
Regars,
07-22-2002 04:50 PM
I think router to router hub and spoke design might suite your need.
The central site will be the hub, and all your romote sites are spokes.
You can control the traffic depending on the ipsec match address access-lists.
(VPN interest traffic). Here is the sample config:
http://www.cisco.com/warp/customer/707/ios_hub-spoke.html
Best Regards,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: