Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
736
Views
0
Helpful
5
Replies

VPN connection and VLANS

drikilbride
Level 1
Level 1

‎03-11-2010 01:55 AM

Hi

I am bit new to this and have a question about a new VPN link I have been asked to set up.

I need to set up a VPN link to a remote company which is fine. This link then needs to be passed down to a certain location in our building only for a certain group of users. It will be their main connection to the outside world.

Although they are located in our building they will now need to access resources from the remote company.

Can anyone please give me a point in the right direction for this?

Thanks in advance

Labels:
0 Helpful
5 Replies 5

KARUPPUCHAMY MALAIYANDI
Level 4
Level 4

‎03-11-2010 02:30 AM

Hi,

If you want to make your VPN more secure, then make the host based acl and mark it as interesting traffic.In this scenario,they will have only the specific reource access.

If you want more info, can you post your network toplogy diagram ??

Regards

Karuppu

0 Helpful

drikilbride
Level 1
Level 1
In response to KARUPPUCHAMY MALAIYANDI

‎03-11-2010 06:01 AM

Hi

Here is a very basic network diagram of what I am trying to do.

I need to know how to create the a VLAN on the Switch which will then link up with the VPN on the ASA 5510 so all traffic from that department go out via that VPN so they can access the server over in Site B.

The staff in Site B are looking after their end.

I just need to know the best way to ensure those pc's use that VPN link.

Thanks again

0 Helpful

drikilbride
Level 1
Level 1
In response to drikilbride

‎03-11-2010 06:03 AM

Here is the network diagram, it wouldnt let me upload it last time.

Preview file
1964 KB
0 Helpful

KARUPPUCHAMY MALAIYANDI
Level 4
Level 4
In response to drikilbride

‎03-11-2010 06:33 AM

Hi,

Create a seperate vlan the clients which needs to communicte to site B in switch by the below commands

config t

(config)#vlan 100(this vlan should not be exist in your switch)

then assign the ports(the clients which needs to be connect) in the switch into the respective VLAN.

int fastethernet0/0

switchport mode access

switchport access vlan 100

Hope it helps you

Regards

Karuppu

0 Helpful

drikilbride
Level 1
Level 1
In response to KARUPPUCHAMY MALAIYANDI

‎03-11-2010 07:14 AM

So then on the ASA after I have created the VPN tunnel hos do I assign that tunnel to VLAN 100 that I created on the switch?

Thanks again!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents