Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Concentrator vs. Router to Router VPN

We currently have VPN Tunnels setup using a 3640 and a 2621 router between our HQ and a remote office. We are looking to replace all our dedicated WAN lines with VPN tunnels. What advantages/disadvantages does a concentrator solution have over a router to router VPN, thanks

6 REPLIES
Bronze

Re: VPN Concentrator vs. Router to Router VPN

Take a look at this conversation:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&CommCmd=MB%3Fcmd%3Ddisplay_messages%26mode%3Dnew%26location%3D.ee71c8b%2F1

I think from an administrative standpoint, the concentrator is easier to setup and maintain.

Re: VPN Concentrator vs. Router to Router VPN

I would have to agree. I have found the Concentrator to be a breeze to administer and maintain.

New Member

Re: VPN Concentrator vs. Router to Router VPN

I have got only 3 remote office, 1 business partner and 100 remote dialup user. What solution should I use. I am current using a PIX firewall in the gateway.

thanks.

Re: VPN Concentrator vs. Router to Router VPN

Well if costs isn't your overriding factor I would kill the dial up users and as long as no more than 100 people aren't trying to tunnel into the same location. I would get 3 3005 Concentrators and place one at each site. unless by 3 remote offices you mean 1 main office and 3 remote offices then of course you would need 4 3005's

New Member

Re: VPN Concentrator vs. Router to Router VPN

yes, I need 4 concentrators. So in this case i will have the Pix sitting beside the concentrator of the main office. Do you think there will be any potential routing problem?

I think i just need to add some static routes in the internal routers of the main office. Right?

Thanks.

New Member

Re: VPN Concentrator vs. Router to Router VPN

I think it depends on the size of the VPN network. If you have a handful of sites, the 3005 is attractive because it is very easy to setup. If your VPN is going to be 20-25+ sites, I would go with IOS devices.

With IOS, you can run IPSec transport mode, and the routing protocol of your choice, over GRE tunnels. This creates a much more dynamic VPN. If you added an additional VPN endpoint at your hub location, you could run two GRE tunnels to each spoke site. With EIGRP over these tunnels, you have a redundant VPN.

The debugging funtions are also much more comprehensive in IOS, as compared to the 3005 GUI.

2 cents.

401
Views
0
Helpful
6
Replies
CreatePlease to create content