Need Cisco VPN advice for connecting two offices
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||||||||
|
Posted by Corbin O'Reilly on September 9, 2008, 3:45 pm
Please log in for more thread options Hello. I have a client that currently uses a Cisco VPN 3005 concentrator. Remote employees use the Cisco VPN client to connect to the concentrator and access servers on the company's LAN. They have been using this setup for many years and it works great. My client has recently purchased another company 3,000 miles away. This second company accesses the Internet via DSL and does have a range of available public IPs. They currently have no remote employees but that will soon change. My client would like to setup a VPN solution at the second company that is similar to the parent company. They will be adding remote employees and want those remote employees to be able to VPN in just like the parent company's employees do. Also, in the near future, they would like to do a site-to-site VPN between the two companies. They have not bought Cisco VPN hardware in many years so my primary question is what should they purchase for the second company. Like I said earlier they want to accomplish two things: 1. Remote employees of the second company should be able to VPN in and access servers on the second company's network. 2. The new Cisco VPN appliance in the second office will need to be linked to the current Cisco 3005 VPN concentrator at the parent company. Could someone please give me some advice on what Cisco appliance to purchase in order to accomplish this? The second company will consist of about 20 employees and a few remote employees. Thanks for the help. | |||||||||||||||||||
|
Posted by Artie Lange on September 9, 2008, 3:55 pm
Please log in for more thread options Corbin O'Reilly wrote: Look at the Cisco ASA 55XX Remote users would use an SSL VPN configuration, no client to install just publish the login to the internet. Note there is a charge for the SSL licenses, it comes with 2 out of the box. > 2. The new Cisco VPN appliance in the second office will need to be linked
> to the current Cisco 3005 VPN concentrator at the parent company. Not a problem, the ASA is a mixture of the VPN concentrator and the PIX firewall. | |||||||||||||||||||
|
Posted by Corbin O'Reilly on September 9, 2008, 5:13 pm
Please log in for more thread options
Hey Artie. Will the Cisco ASA 55XX also support the traditional Cisco Windows VPN client? The parent company has been using the Cisco Windows VPN client for IPSEC connectivity for many years and it is rock solid. Just wanted to make sure. Do you think the 5510 model would be sufficient for the second company? Thanks. > Corbin O'Reilly wrote:
> > > Look at the Cisco ASA 55XX > >>
>> 1. Remote employees of the second company should be able to VPN in and >> access servers on the second company's network. >
> Remote users would use an SSL VPN configuration, no client to install just > publish the login to the internet. Note there is a charge for the SSL > licenses, it comes with 2 out of the box. > > > >> 2. The new Cisco VPN appliance in the second office will need to be
>> linked to the current Cisco 3005 VPN concentrator at the parent company. >
> Not a problem, the ASA is a mixture of the VPN concentrator and the PIX > firewall. | |||||||||||||||||||
|
Posted by Artie Lange on September 9, 2008, 5:15 pm
Please log in for more thread options
Corbin O'Reilly wrote: > Hey Artie. Will the Cisco ASA 55XX also support the traditional Cisco
> Windows VPN client? The parent company has been using the Cisco Windows VPN > client for IPSEC connectivity for many years and it is rock solid. Just > wanted to make sure. Do you think the 5510 model would be sufficient for the > second company? Thanks. yes, it supports the past VPN clients as well.... I run the 5510 in alot of client offices with well over 100 remote users. They may not connect at the same time, but the hardware is capable. I am not sure what performance you are looking for, but I would assume if anything, your DSL line in your remote office would be your bottleneck before the ASA :) | |||||||||||||||||||
|
Posted by Corbin O'Reilly on September 9, 2008, 7:05 pm
Please log in for more thread options
Thanks for the info Artie. One more question. Does the 5510 serve as both a PIX and a VPN appliance? I am asking this because the parent company is running a PIX 515 firewall and a VPN 3005 concentrator. If the second company gets a 5510 the parent may want to get one as well. I just want to know if the 5510 can replace both the PIX and VPN concentrator and the parent company. Thanks again for the help. > Corbin O'Reilly wrote:
>> Hey Artie. Will the Cisco ASA 55XX also support the traditional Cisco
>> Windows VPN client? The parent company has been using the Cisco Windows >> VPN client for IPSEC connectivity for many years and it is rock solid. >> Just wanted to make sure. Do you think the 5510 model would be sufficient >> for the second company? Thanks. >
> yes, it supports the past VPN clients as well.... I run the 5510 in alot > of client offices with well over 100 remote users. They may not connect at > the same time, but the hardware is capable. I am not sure what performance > you are looking for, but I would assume if anything, your DSL line in your > remote office would be your bottleneck before the ASA :) | |||||||||||||||||||
> 1. Remote employees of the second company should be able to VPN in and
> access servers on the second company's network.