08-05-2002 03:38 PM - edited 02-21-2020 11:58 AM
Hi,
I am currently at the design phase of a VPN implementation to a pilot group of users within our organisation.
At present, I am looking at putting a Hardware client (either VPN 3002 or Pix 501)at the remote site so that no changes to the corporate SOE are required. This will connect back to our existing VPN 3015 concentrator at head office.
The remote end is an ADSL service that provides dynamic IP Addresses via PPPoE. I am looking to create a LAN to LAN connection, but when looking at the configuration of the VPN concentrator, a peer IP Address is required. Obviously this will be changing.
Is there anyway that I can setup the VPN connection, so that the dynamic peer can connect to the VPN concentrator and still allow head office to connect back to the machines at the remote site once the tunnel has been established.
(This is a requirement, as the PC's at the remote site need to be capable of remote managment by the helpdesk).
Sorry if this sounds a bit vague, but I am at the high level design stage and I just need to know what is and is not possible.
Many thanks
Darryl
08-05-2002 04:25 PM
Hi Darryl,
VPN 3002 or PIX 501 can runn in the network extension mode. IN that way, although it is still a hardware client, but function like a LAN to LAN tunnel.
http://www.cisco.com/warp/customer/471/vpn_3002_nem_5402.html
Or using static to dynamic lan to lan tunnel (3000 static, router dynamic ip address):
http://www.cisco.com/warp/customer/471/vpn3k_iosdhcp.html
Both ways can will be working fine.
Best Regards,
08-05-2002 08:20 PM
Thanks. I have had a play with Network Extension Mode, and it looks like it will do all I need.
I did have a quick go of this previously, but I mustn't have been holding my tongue right.
Thanks again
Darryl
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide