Network Design/VPN Question

I work with a SOHO who would like to provide remote VPN access to a handful of staff and I'm new to VPN configs.

After some research, I thought the PIX 501 would meet their VPN needs, but I'm not sure of the best way to implement it.

The office is connected to the Internet by a Linksys DSL router that currently handles DHCP & firewall services. Web and email traffic to their single static public IP is forwarded to the workgroup server (an OS X server providing file/mail/web) on the inside.

I'd originally planned to simply replace the Linksys device with the PIX and let it handle the DSL connection, DHCP, firewall and VPN, but after doing more reading about configuring the PIX, I'm wondering if that's the best idea.

Is it possible to keep the existing Linksys DSL router in place handling all the existing services and integrate the PIX solely for the VPN? I know I could provide all existing services plus VPN access with another Linksys product, but I need the VPN to be compatible with Mac OS X and that's why I chose the PIX 501.

Any suggestions or resources to help me would be greatly appreciated. Also, feel free to let me know if this should be posted to another forum. Thanks!


Re: Network Design/VPN Question

Hi, I suggest you go ahead with using the PIX 501 instead, which is OK for a SOHO. You can have different license options according to the amount of simultaneous connections you want to support. Alternatively (even better), you could implement an ASA 5505, which is ideal for SOHO.

Re: Network Design/VPN Question

Thanks for the recommendation. I should have been more clear in my initial post that I have already acquired the PIX 501 (10 user license), so the ASA 5505 is off the table (not sure the additional enet throughput and SSL VPN is worth the additional cost for us).

What I'm really needing are resources to help me decide the best way to deploy the PIX. Should I replace the existing Linksys DSL router (which means I'd have to do some static IP assignments because I have about 14 different devices on the office network, not including any remote VPN clients)? Or can I keep the Linksys in place doing all that it is currently doing and have it do VPN passthrough to the PIX to handle only VPN connections? I understand that I can have the PIX redirect DHCP requests to another device (like the Linksys).

Anyone with (detailed) implementation/deployment resources to share? Thanks!

