Re: VPN Problem

rick.jones · ‎08-12-2002

Hi

The problem I’m having is to get home users who connect via dial up or ADSL using a VPN client, to create a VPN connection to the central 3030 Concentrator then get passed through the transit VLAN then through the PIX firewall to be authenticated by the TACACS+ server, then set back to the Concentrator and a second VPN is created to the client site PIX.

I have been told that I will have to implement RRI for this to work any help would be appreciated.

Cheers

Rick

paqiu · ‎08-12-2002

Hi Rick,

I am not sure the above design will be woking fine or not. Because I have not got any similar cases before.

I just want to give you a quick suggestion: Why not just build up a LAN to LAN tunnel between the VPN 3030 and the PIX.

When your client build up the VPN tunnel with VPN 3030 (pass the AAA authentication), then get authorization from the AAA server as well.

Then the traffic will be redirected from the central site through the Lan to Lan tunnel between VPN 3030 and PIX , to the PIX network.

In that case, enable RRI will be better, because it is easier to control the routing.

Best Regards,

rick.jones · ‎08-13-2002

Hi mate

rick.jones · ‎08-13-2002

Hi mate

Thanks for you help couls i Email you my Diagram for you to look at

My Email is rick.jones@freeserve.com

Thanks

rick.jones · ‎08-13-2002

Hi mate

Thanks for you help could I Email you my Diagram for you to look at

My Email is rick.jones@freeserve.com

Thanks