- for Win 9x/NT clients, could I just use IPSec; for Win 2K, L2TP is required?
- if I have public IPs on both, outside & inside, is possible to give clients, from an internal pool a private IP range; do I have to route it/ include it in some NAT or access lists/ add it to default tunnel gateway? How about clients getting WINS, DNS, default gateway and logging in NT domain?
- if I have the 3015 (used for remote access clients only) connected in parallel with a 3640 VPN router (used for LAN-to-LAN), how servers from private area will know to differentiate when sending back packets?
- does it matter if telecommuters use dial-up or cable modem?
I thought it would be easier to read this in list format.
1.) Win2ks version of IPSEC is over L2TP.
2.) Unsure of your question. If you have your users coming in a tunnel across the Internet and, when they arrive they are assigned IPs your network already knows about, then they should be routable already. If you are out of address space or something and need to give them private IPs, then you have to add those routes to your network accordingly. You better get a design specialist on this one.
3.) If you assign your users an IP address that is known on your local network and routing will occur properly. If you use a different subnet, simply route those addresses to the 3015.
4.) Dial-up, cable modem, DSL, ISDN: Connection type is not important.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...