
Remote VPNs

rameuniver
Level 1

We have multiple clients whose IT infrastructure we manage. Until now we have been accessing their infrastructure through RDP and then accessing their resources. Now we have decided to go for remote VPNs. As per my knowledge, in the case of remote VPNs I have to make the VPN client connect to the desired client network every time. Is there any way to make the VPN client connect to all the client networks at a time?

3 Replies

Jouni Forss
VIP Alumni

Hi,

If you have a constant need to manage a customer's IT and would like to have the possibility to access them all without taking a new VPN Client connection every time, then I would suggest configuring a permanent L2L (LAN to LAN) VPN connection between your office and your customer's office.

Of course this sets requirements for the equipment both the customer and your site have. You need to have a router/firewall capable of VPN connections on both ends. ASA5505 is the most basic model of the Cisco firewall (although I guess soon to be replaced by some new models) which could handle this situation on all sites.

But this of course means much more cost and configuration than just using the VPN Client. But then again you would be getting a pretty good setup. And you could just take your remote connection straight from your offices to the customer.

You would of course need to take security into account, even when using VPN. You still wouldn't want to allow all traffic between the sites. So you would need to limit the amount of access the customer networks have towards your own network and possibly also limit the connections you take towards their networks.

Pretty hard to say more not knowing your exact situation. But I do think that L2L VPN would be a good choice if in any way possible.

- Jouni

Thanks for your reply, Jouni. In this case, are the customer network and our network on the same subnet?

Hi,

They would be on their own subnets.

The VPN would then make it possible to connect directly between these subnets.

If the local subnets happen to overlap (or are the same), you could always use NAT to change the subnet that's visible to your or the customer's network.
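
The overlap case from the last reply, as an added example that is not part of the original thread: a Python script that checks every site subnet against your own LAN and against the other sites, and assigns an equal-sized translated block to each site that cannot keep its real addresses. The site names, subnets and NAT pool are constructed sample values, and `plan_tunnels` is a hypothetical helper name.

```python
import ipaddress

# Constructed sample data: our office LAN and each customer's local LAN.
OUR_LAN = "192.168.1.0/24"
CUSTOMER_LANS = {
    "customer-a": "192.168.1.0/24",   # identical to our LAN
    "customer-b": "10.20.0.0/16",
    "customer-c": "10.20.30.0/24",    # falls inside customer-b's range
    "customer-d": "172.16.5.0/24",
}
# Assumption: a spare range reserved only for translated (NAT) addresses.
NAT_POOL = "10.255.0.0/16"


def plan_tunnels(our_lan, customer_lans, nat_pool):
    """Return {site: subnet that site should appear as over the L2L tunnel}.

    A site keeps its real subnet unless it overlaps our LAN, the NAT pool or
    a subnet already accepted. In that case it gets an equal-sized block from
    nat_pool, suitable for a one-to-one static NAT on the tunnel endpoint.
    """
    pool = ipaddress.ip_network(nat_pool)
    ours = ipaddress.ip_network(our_lan)
    if ours.overlaps(pool):
        raise ValueError("NAT pool must not overlap our own LAN")
    in_use = [ours]
    next_free = int(pool.network_address)
    plan = {}
    for site, cidr in sorted(customer_lans.items()):
        real = ipaddress.ip_network(cidr)
        visible = real
        if any(real.overlaps(net) for net in in_use + [pool]):
            size = real.num_addresses
            start = -(-next_free // size) * size   # round up to block boundary
            visible = ipaddress.ip_network((start, real.prefixlen))
            if not visible.subnet_of(pool):
                raise ValueError(f"NAT pool exhausted at {site}")
            next_free = start + size
        in_use.append(visible)
        plan[site] = str(visible)
    return plan


if __name__ == "__main__":
    for site, subnet in plan_tunnels(OUR_LAN, CUSTOMER_LANS, NAT_POOL).items():
        note = "" if subnet == CUSTOMER_LANS[site] else "  (NAT required)"
        print(f"{site}: {CUSTOMER_LANS[site]} -> {subnet}{note}")
```

The resulting per-site subnets are also the ones to reference in the access rules that restrict traffic between your office and each customer.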