hey keith,

short answer is probably yes it would work but need to check out the pesky
little details as always :)

assuming timecapsule has an ip, you'd connect this to the switchport of the
cisco box, and then connect the WAN port of the cisco box to your modem.

things to watch out for:

if your modem is also acting as a router doing NAT, then presumably the
cisco box will have a private IP, so establishing a VPN from the internet
across the NAT on the modem to the Cisco box will be tricky, since your vpn
destination will need to be your public ip which would presumably be on
your modem, and it can be nasty doing vpn via port forwarding.  i managed
to gre this way (for ipv6) but never tried ipsec.  ipsec uses udp 500 iirc

also you should technically be able to specify what goes via vpn and what
not.  here you will use an 'encryption domain' to specify the networks
inside/behind the VPN (ie your timecapsule), and then an access list on the
cisco to allow/deny traffic based on src/dst ips

the cisco 800 series (on ebay for few $) prob would do this too, but need
to check if the IOS you get it with supports VPN.


hope this helps


cheers

Mark


PS - sorry couldn't make the meeting this morning



On 18 February 2012 13:37, Keith Vassallo <[email protected]> wrote:

> Hey Guys,
>
> Ok so this is not entirely Linux related, but I guess there'd be quite a
> few network pros here.
>
> So my current situation is this:
>
> I have an Apple Timecapsule (it's a router and wireless hard drive). Ok I
> know I've put some people off just by saying that, but it's a wireless hard
> drive, it's fast, and my backup's based on it.
>
> Anyway, this Timecapsule doesn't handle VPN. So I was thinking of getting
> a Cisco small business router in front of the timecapsule (between it and
> my modem).
>
> I am able to get one of these (Cisco RVS4000)
> http://www.cisco.com/en/US/products/ps9928/index.html at a good price.
> Would this do the job?
>
> Also, would it be possible to specify on a domain/ip basis what goes
> through the VPN and what doesn't? I need to connect to certain hosts via
> the VPN, but the rest should just connect normally. Is this possible in the
> Cisco config?
>
> Thanks,
>
> K
>
>
> _______________________________________________
> MLUG-list mailing list
> [email protected]
> http://linux.org.mt/cgi-bin/mailman/listinfo/mlug-list
>
>