Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN from Home?

Hello,

I have a Cisco 1751 Router at my office. I am running IOS version c1700-y-mz.122-4.T.bin. The router has a public IP address and I use a Linux box as a firewall with NAT. At my house I have ADSL. I am wondering what would be the easiest way for me to be able to connect to my network from home. Any help would be much appreciated.

Thank you.

2 REPLIES
New Member

Re: VPN from Home?

The Linux Firewall will probably be the biggest obstacle. You can run IPSEC IOS on the 1700 and get the VPN Client software from Cisco to connect to it but your firewall is probably behind the 1700 and you’ll have to get in from there. If you have another router on the INSIDE of your network behind the firewall, terminate the IPSEC tunnel there by setting a static NAT address through your firewall for that router and connect to that with the client from home.

Another alternative would be to install a 3000 series concentrator in parallel with the firewall. Then you just connect to that from home with VPN client software and you don’t have to worry about drilling through the firewall at all.

New Member

Re: VPN from Home?

Consider some alternatives. If your Linux box has a valid IP Address, it can be the IPSec tunnel endpoint . Install Freeswan on it.

At home, it depends on what kind of ADSL modem you use:

If you have a bridge ADSL modem and your computer has a valid IP Address, you can use a VPN client installed on your computer. Another option is setting a Linux box as the other side of the tunnel (using roaring penguin, ipchains and freeswan).

Using an ADSL Router at home, consider a Cisco 827 Router with an IPSec feature set.

If you have another kind of router at home doing NAT, and you can't change it, you need a NAT compatible scheme. It means that you need a Cisco VPN 3000 concentrator at office, and a compatible client installed on your computer at home.

163
Views
0
Helpful
2
Replies