Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN, Product and Design

I have promised to help a guy with a few design issues.

First of all his employers are dialling-in to the company when they need a connection from home (they have 2 ISDN modems on the site).

Second, they are all using public addresses on the LAN.

Third, his got some employers he does not want to give internet access, the way this is solved now is by using 2 separate LANs. One LAN using cabled network, the other LAN using wireless (has internet access). This is easy for him to manage without much technical knowledge, he just gives those who need internet access a wireless adapter...

I like to make a new design to make this a little more simple and fast.

My plan is first of all to get VPN on the site, that way his employers can use their much faster DSL connections from home and when they need a connection to the company, while not being at home, they can still make a analog/ISDN connection to their ISP and then a VPN tunnel to the office through the dial-up connection. This is not a problem right? ive only ever used VPN over ADSL. Also why am asking.

Another thing i planned is to skip his wireless network altogethers, along with his public addresses and then manage his internet restrictions with access-lists. we could give all those who need internet access an IP range from 198.168.10.50-80 and those we want to block with access-lists, a range from 192.168.10.90-110. This would ofcourse require static IP addresses but still its better than static-public addresses + wireless and cable.

How does all this sound? This way we can remove the ISDN modems at the site. Give home-users faster access to the company and manage the internet access the “right” way, and at the same time make the LAN more simple in design.

My question is, how does this sound over-all?

What product can we use for VPN (20 users or so) and will this product support access-list for internet-access management. Im hoping to solve it all with one box (access-lists and VPN)

thanks in advance.

1 REPLY
Silver

Re: VPN, Product and Design

This document illustrates two Cisco Secure PIX Firewall devices running a simple VPN tunnel from PIX 1 to PIX 2 over a public network using IPSec. A Cisco VPN Client 4.x connects to PIX 1. The configuration uses pre-shared keys (wild-cards for the clients' IPs), and mode configuration for the clients.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800948b8.shtml

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

77
Views
0
Helpful
1
Replies
CreatePlease to create content