RE: PIX + VPN Router or Just VPN Router? [7:45315]

Tue, 28 May 2002 20:02:37 -0700 

It didn't make sense to me either. I should say that some of the connections
are private frame relay and others will be either DSL, cable modem or
wireless internet with dial-backup through the router. With the remote sites
using VPN through the Internet, do we really need a PIX at each location? I
am thinking of telling them to stick with a 1700 at each site and skip the
PIX. The main reason I'm asking is because the CCIE in the room from Cisco
was trying to sell us on using a PIX and Router at the same time for all
remotes.

Jeffrey Reed
Classic Networking, Inc.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Henry
D.
Sent: Tuesday, May 28, 2002 10:00 PM
To: [EMAIL PROTECTED]
Subject: Re: PIX + VPN Router or Just VPN Router? [7:45315]

What you are describing doesn't really make sense. You say
you have connections back to the core site from all remotes.
If that was the case there would be no reason for the pix at remote
sites or an obvious reason for vpn tunnels between remotes and the core
site.
In that case, you could just put the core pix in front of the core site and
the remotes,
terminate the remotes before the core pix, and no need for all the other
mess.

But I have a feeling there is more involved than we know at the
moment.....:(


""Jeffrey Reed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am curious about recommendations on remote office connections when VPNs
> are involved. Today, in two separate occasions I ran into designs that
> showed remote sites with a small 1720 router and a PIX 506. The 506
> terminated one end of a tunnel back to the core PIX and the 1720
facilitated
> the frame connection. All traffic will be going back to the core, then if
> needed, to the Internet through the central sites main connection.
>
> Why cant you just use the 1720s ability to terminate a tunnel and drop
all
> non-encrypted traffic and eliminate the need for the PIX? This would
reduce
> the costs of both the initial purchase as well as ongoing support. What
are
> the downsides to a design without a PIX at the remote site?
>
> Thanks!!
>
> Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45325&t=45315
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to