Suppose I have a remote firewall (pix), to which a web and a database servers are connected. Now I want to connect to this firewall via the internet by using the VPN technology.
In my office (located remotely) my PC, along 15 other PCs, are connected to a Cisco 877 router which dynamically assign the IP addresses to each of the PC on the LAN via DHCP (ADSL connection).
I'll install the Client VPN on my PC. For this (LAN) architecture, can I "build up" a VPN channel from my PC to the firewall to access the web and database servers?
If so, can I only make my PC has the access to the VPN channel, while deny the rest of PCs in my office (I do not want the rest to access the VPN)?
The key thing and the problem here is that I can not assign a static IP address to my PC. Why? Because I am using the ADSL service from a ISP company. The IP I got is a dynamic one. If I want my PC to be static IP, I have to have the whole office's PC to go static (IP). In that case, I'll have to upgrade to a more expensive service.
With the service plan I am now having, it is relatively cheaper because the IP is dynamic. Now I just wonder if the Cisco's client VPN software will resolve this issue, i.e., even if my PC is DHCP assigned IP, I would still be able to build up a channel with the remote servers? If so, how to do it?
its possible to do that with the pix using dynamic ipsec configs (in which your pix will act as a easy vpn server for the vpn clients) but still you need to take uttermost care in keeping the keys which is required to establish the ipsec (tunnel) connectivity.
anyone with vpn clients installed in their pc using the key can access get the ipsec tunnel established and get into ur remote network. so do take care of the key and other parameters which is reqd to create the tunnel.
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...