I work at a hospital where they started offering internal apps to remote doctors' offices through a VPN connection. The issue is the Dr offices are not a part of us, and we have no control over their networks, so a lot overlap with our network. My solution was EZVPN (off of an ASA5505 or 871 the remote offices needed to purchase). This works great except for the remote offices that already have VPN connections; you can't have an EZVPN connection when that is the case. For those we started doing L2L tunnels. The more L2L tunnels that come up, the more config is required on our backend. Anyone have any other ideas??
If the applications are web-based, why not use the webvpn portal in your ASA centrally, or some other application portal? You can also do SSH/Telnet/RDP/Citrix connections through the webvpn portal on the ASA.
Web-based would have been ideal. Citrix would have worked also, but the issue is we need to run a fat client on the remote PCs. The fat client talks to the app server backend over the VPN. They need to use a fat client because the app needs to read a USB device connected to the local PC.