By the way, could you clarify an information about VPN: RAS is a network-to-network connection, correct ? RAS (MS) uses PPTP to encapsulate PPP and establish a connection. Is RAS a VPN or not ? ""Albert Ip"" <[EMAIL PROTECTED]> wrote in message 001001bfcc0a$ba488f80$[EMAIL PROTECTED]">news:001001bfcc0a$ba488f80$[EMAIL PROTECTED]... > > My 0.02. > > If PISNet own the router, can you do an upgrade? Who will manage the > specification? If you found a port that need to be open, do you call PISNet? > > You can use the Proxy Server 2 as the access point. That is not recommended > by MS as that is your firewall. You can use another NT server behind the > firewall with PPTP (this will install RAS and bunch of other stuff on that > box). You just have to assign the port in the Proxy Server. For the > clients, you just have to install the PPTP protocol. As long as the client > is Windows, it would work. This setup is for only a few connections. > > Albert > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Chuck Larrieu > Sent: Thursday, June 01, 2000 12:37 PM > To: Parris, Brian; [EMAIL PROTECTED] > Subject: RE: vpn > > > 1) yes - to something that runs IPSec. May be a flash and mem upgrade as > well chances are very good that with more than a couple of simultaneous > tunnels, your router will crawl to a halt. > > some folks install a second device dedicated to tunnel/vpn traffic to keep > from bogging down the gateway > > internet------gateway-------firewall-----inside network > | | > vpn/tunnel--------| > > 2) don't know. Those wiser than I can answer. > > 3) Everything is a matter of degree. Cisco offers the IP/Firewall/IPSec IOS > and this is certainly one way of doing things. There are other ways. I think > it best to begin with a security policy statement, and work from there. > Decide what level of risk your company can tolerate ( meaning your top > management decides, and places this in writing ) and then evaluate different > ways of doing things based on this policy. > > > 4) Yes - a client VPN , referred to as "shim" software, installed on any > machine that wants to connect. In theory these are standards based and > interoperable. Don't count on it. Nokia/Checkpoint requires the Checkpoint > client. Cisco uses the IRE client, and IRE says that their client is > compatible for most uses, but you have to test. There are issues with any > shim software and any PC, NIC, and applications. Do not assume that this all > is plug and play. I have heard many a tale of woe from other SE's, and our > security group. > > Cisco also supports L2TP and PPTP, which require a Microsoft client piece > for windows users. > > Hope this gets you started. > > Chuck > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Parris, Brian > Sent: Thursday, June 01, 2000 11:42 AM > To: '[EMAIL PROTECTED]' > Subject: FW: vpn > > > Let me asking a specific question while this thread is running. > Our T1 to the internet is being handled by a Cisco 2514 w/IOS 11.1 running > on it. The router is owned by PSINet. Our security is just being handled > by our Proxy Server 2.0 . > We have a lot of outside salesman starting to jump on the broadband > bandwagon and have found a severe need for a VPN. > So my question is............. > 1. Do I need to upgrade our IOS version? > 2. Should I (or have to) get rid of the Proxy Server? > 3. Can I control all our security through the router? > 4. Do I need any special software for the clients? > > Any help would be greatly appreciated. > TIA, > Brian Parris > Systems Administrator > Carotek, Inc. > > -----Original Message----- > From: Irwin Lazar [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 01, 2000 1:37 PM > To: 'Jesus Suarez Gonzalez'; [EMAIL PROTECTED] > Subject: RE: vpn > > try: > http://www.itprc.com/vpn.htm > irwin > -----Original Message----- > From: Jesus Suarez Gonzalez [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 01, 2000 12:13 PM > To: [EMAIL PROTECTED] > Subject: vpn > > > I need materia of study about VPN, > where can i found this material. > > regards > > ___________________________________ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___________________________________ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___________________________________ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___________________________________ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___________________________________ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]