1) yes - to something that runs IPSec. May be a flash and mem upgrade as well chances are very good that with more than a couple of simultaneous tunnels, your router will crawl to a halt. some folks install a second device dedicated to tunnel/vpn traffic to keep from bogging down the gateway internet------gateway-------firewall-----inside network | | vpn/tunnel--------| 2) don't know. Those wiser than I can answer. 3) Everything is a matter of degree. Cisco offers the IP/Firewall/IPSec IOS and this is certainly one way of doing things. There are other ways. I think it best to begin with a security policy statement, and work from there. Decide what level of risk your company can tolerate ( meaning your top management decides, and places this in writing ) and then evaluate different ways of doing things based on this policy. 4) Yes - a client VPN , referred to as "shim" software, installed on any machine that wants to connect. In theory these are standards based and interoperable. Don't count on it. Nokia/Checkpoint requires the Checkpoint client. Cisco uses the IRE client, and IRE says that their client is compatible for most uses, but you have to test. There are issues with any shim software and any PC, NIC, and applications. Do not assume that this all is plug and play. I have heard many a tale of woe from other SE's, and our security group. Cisco also supports L2TP and PPTP, which require a Microsoft client piece for windows users. Hope this gets you started. Chuck -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Parris, Brian Sent: Thursday, June 01, 2000 11:42 AM To: '[EMAIL PROTECTED]' Subject: FW: vpn Let me asking a specific question while this thread is running. Our T1 to the internet is being handled by a Cisco 2514 w/IOS 11.1 running on it. The router is owned by PSINet. Our security is just being handled by our Proxy Server 2.0 . We have a lot of outside salesman starting to jump on the broadband bandwagon and have found a severe need for a VPN. So my question is............. 1. Do I need to upgrade our IOS version? 2. Should I (or have to) get rid of the Proxy Server? 3. Can I control all our security through the router? 4. Do I need any special software for the clients? Any help would be greatly appreciated. TIA, Brian Parris Systems Administrator Carotek, Inc. -----Original Message----- From: Irwin Lazar [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 01, 2000 1:37 PM To: 'Jesus Suarez Gonzalez'; [EMAIL PROTECTED] Subject: RE: vpn try: http://www.itprc.com/vpn.htm irwin -----Original Message----- From: Jesus Suarez Gonzalez [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 01, 2000 12:13 PM To: [EMAIL PROTECTED] Subject: vpn I need materia of study about VPN, where can i found this material. regards ___________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]