VPN through ADSL
I want one of our remote branch to access the internet via ADSL. The remote branch will have the Alcatel ADSL router that the ISP will provide as well as a Linksys router behind it for PAT and firewalling capabilities. I also want to place a Cisco VPN client at a workstation in the remote branch to connect to Corporate. Corporate has a PIX firewall with VPN capabilities. My question is - Since the ISP uses DHCP to lease addresses for the ADSL connection , will this affect my vpn connection? My Answer is - No since the branch workstation will be PATed anyway. Interesting traffic as defined by the VPN policy will allow packets to go through to the Corporate location. Can anyone verify if this train of thought is correct or is there a better way to do this ? Basically the remote branch needs access a Unix server in corporate to be able to send a print job to the branch. Thank you in advanced Rgds, Manolito _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN through ADSL
Manolito.. The key component here is that you will be using the VPN Client... I have been working with the VPNClient 3000, and it is amazing. (better than the old client Cisco used to provide--IRE/SafeNet). The only setting you will need is to allow IPSec through NAT in order for it to work. It is a setting you configure in the Client and also in the VPN Concentrator or Firewall. We do it very often for users in Leased Office Space where another company allows them to use an Internet connection. I have no control over the Links/Firewalls but it is not a problem as long as we allow the IPSec to take place through NAT. Hope this helps... Gonzalo. ""Liwanag, Manolito"" <[EMAIL PROTECTED]> wrote in message A7ED9E5852A7D311839D009027DE284C012D1026@exchtor">news:A7ED9E5852A7D311839D009027DE284C012D1026@exchtor... > > I want one of our remote branch to access the internet via ADSL. The remote > branch will have the Alcatel ADSL router that the ISP will provide as well > as a Linksys router behind it for PAT and firewalling capabilities. I also > want to place a Cisco VPN client at a workstation in the remote branch to > connect to Corporate. Corporate has a PIX firewall with VPN capabilities. > > My question is - Since the ISP uses DHCP to lease addresses for the ADSL > connection , will this affect my vpn connection? > > My Answer is - No since the branch workstation will be PATed anyway. > Interesting traffic as defined by the VPN policy will allow packets to go > through to the Corporate location. > > Can anyone verify if this train of thought is correct or is there a better > way to do this ? Basically the remote branch needs access a Unix server in > corporate to be able to send a print job to the branch. > > Thank you in advanced > > Rgds, > Manolito > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN through ADSL
The problem is not so much the the ISP is assigning an address to your DSL device through DHCP as the problem of letting the PIX get to the peer address(which will be the HOST inside not the DSL device). Since you are using PAT the address from the host will likely always be the same so it should be o.k. If you did not know what the client's address would be each time because you were using NAT (as oppossed to PAT) then you would want to use IKE MODE CONFIG on the PIX with a wildcard key, or dynamic list on the PIX with a wild card key. -Original Message- From: Liwanag, Manolito [mailto:[EMAIL PROTECTED]] Sent: Friday, January 26, 2001 11:38 AM To: 'Cisco Group Study' Subject: VPN through ADSL I want one of our remote branch to access the internet via ADSL. The remote branch will have the Alcatel ADSL router that the ISP will provide as well as a Linksys router behind it for PAT and firewalling capabilities. I also want to place a Cisco VPN client at a workstation in the remote branch to connect to Corporate. Corporate has a PIX firewall with VPN capabilities. My question is - Since the ISP uses DHCP to lease addresses for the ADSL connection , will this affect my vpn connection? My Answer is - No since the branch workstation will be PATed anyway. Interesting traffic as defined by the VPN policy will allow packets to go through to the Corporate location. Can anyone verify if this train of thought is correct or is there a better way to do this ? Basically the remote branch needs access a Unix server in corporate to be able to send a print job to the branch. Thank you in advanced Rgds, Manolito _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN through ADSL
Works just fine as I've implemented it for a number of "work at home" folks. The Linksys took care of the PPPoE login junk, and so long as PacBell/SBC doesn't bump their connection, it just works. Of course, all these folks are technical and can troubleshoot the problem and know to reset their VPN software if needed (or how to get into the Linksys admin webpage to make sure the PPPoE is authenticated). I wouldn't even allow a non-technical person to have such a connection, it'd be a support nightmare. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ Cisco resources: http://r2cisco.artoo.net/ ""Liwanag, Manolito"" <[EMAIL PROTECTED]> wrote in message A7ED9E5852A7D311839D009027DE284C012D1026@exchtor">news:A7ED9E5852A7D311839D009027DE284C012D1026@exchtor... > > I want one of our remote branch to access the internet via ADSL. The remote > branch will have the Alcatel ADSL router that the ISP will provide as well > as a Linksys router behind it for PAT and firewalling capabilities. I also > want to place a Cisco VPN client at a workstation in the remote branch to > connect to Corporate. Corporate has a PIX firewall with VPN capabilities. > > My question is - Since the ISP uses DHCP to lease addresses for the ADSL > connection , will this affect my vpn connection? > > My Answer is - No since the branch workstation will be PATed anyway. > Interesting traffic as defined by the VPN policy will allow packets to go > through to the Corporate location. > > Can anyone verify if this train of thought is correct or is there a better > way to do this ? Basically the remote branch needs access a Unix server in > corporate to be able to send a print job to the branch. > > Thank you in advanced > > Rgds, > Manolito > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]