Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Welcome to the General Discussion

Welcome to Cisco’s Networking Professionals Connections Virtual Private Network Forum. This conversation will provide you the opportunity to discuss General VPN issues. We encourage everyone to share their knowledge and start conversations on any issue relating to VPN.

Remember, just like in the workplace, be courteous to your fellow forum participants. Please refrain from using disparaging or obscene language or posting advertisements.

4 REPLIES
New Member

Re: Welcome to the General Discussion

Having some problems with a VPN. I'm new to the company and to VPNs. The current VPN layout I 'inherited' isn't working properly and I am hard pressed to find a solution. The layout is a fractional T1 coming into a cisco 1005 router. The router runs into a NIC on our proxy server which also is the server to which users VPN. Apparently, this rig was working but some changes on the proxy server brought things down several months before my arrival and the VPN has not functioned properly since. When a user tries to log in via VPN, the authentication takes place, however, all local network ties becomes severed from the proxy/VPN server and it has to be rebooted. I didn't think you could use a proxy server to support VPN services. Any info. or advice would be greatly appreciated.

New Member

Re: Welcome to the General Discussion

I, too, am trying to figure out how to implement a scenario just like yours (including the proxy.) This much I know: some proxies can deal with VPN ( like MS Proxy 2.0) and some cannot (like Winproxy 3.0). Does the degree of difficulty for implementing VPNs go up exponentially if one has a Cisco router on the exterior, a DMZ, AND a Proxy on the interior?

New Member

Re: Welcome to the General Discussion

I assume you are using your proxy server as a network gateway for your hosts. If that's the case, **absolutely** you'll need a proxy server that can route "other" IP (besides what you are proxying). Keep in mind though, a software based router for your network may not be the best from performance and stability standpoints. I would point the inside clients at the proxy server for just the http (and whatever other tcp you're using the proxy for), yet set their gateway at the router. Then the proxy server is not getting in the way for other IP routable traffic like your IPSec tunnels or whatever. If you're concerned about outside access without the proxy, lock it down with an access-list on the router or firewall. Does this help? Any other suggestions out there?

New Member

Re: Welcome to the General Discussion

It sounds like your proxy server is also the end-point of your VPN tunnel so you are most likely running Microsoft's PPTP VPN solution. You might want to look into a VPN termination point on your internet router and relieving the load on that server. Is it a Microsoft Proxy Server too? Sometimes other vendor's software tend to fight with eachother. Has anyone else seen anomalies with PPTP and Proxy's?

285
Views
0
Helpful
4
Replies
CreatePlease to create content