Advertisement

02.08.2008 at 11:35AM PST, ID: 23148743
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
8.2

Site to Site VPN implementation using ASA 5505

Zones: Network Operations, Virtual Private Networking (VPN), Cisco PIX Firewall
Tags: Site to Site VPN
Hello, I'm going to be setting up a site to site VPN using our Cisco ASA 5505.  The two sites are laid out like this:  Site1 has an a Domain Controller running SBS 03 and is setup as a DNS, DHCP and Exchange server which is behind a Cisco ASA 5505.  Site2 has a Domain controller running W2k and is setup as a DNS, DHCP server which is also behind a Cisco ASA 5505.  Internal addresses for both sites are the same 192.168.1.1-.254.  I'm really looking for thoughts on what would be the most logical way to set the VPN up because I'm not sure if:  1. if you have to change one of the sites internal IP subnetmask.  2.  if you'll have to change the Cisco ASA 5505 internal address on one of the sites.  3.  If you have to turn DNS and DHCP off on one of the servers.  4.  If using the VPN wizard on the Cisco ASA will take care of all my listed problems.  5.  Should I create zones with the servers to make this whole thing easier.
I really don't want to use the W2k server on Site2, I am actually thinking about taking it out of the picture and later upgrading it to SBS 03, so what I was thinking of doing was just taking that server out, change the internal ip of the site2 Cisco asa and then joining the sites via the VPN wizard.  Does that sound like it would work or does anyone see any problems with that?  Thanks for any input.  
Start your free trial to view this solution
Question Stats
Zone: Networking
Question Asked By: tourist08
Solution Provided By: rsivanandan
Participating Experts: 1
Solution Grade: A
Views: 34
Translate:
Loading Advertisement...
02.10.2008 at 08:09AM PST, ID: 20861492

Rank: Wizard

rsivanandan:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.10.2008 at 06:43PM PST, ID: 20863678
tourist08:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.12.2008 at 07:00PM PST, ID: 20881310

Rank: Wizard

rsivanandan:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.13.2008 at 12:13PM PST, ID: 20887672
tourist08:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
Loading Advertisement...
Microsoft
  • Internet Protocols
  • Applications
  • Development
  • OS
  • Hardware
  • Windows Security
Apple
  • Operating Systems
  • Hardware
  • Programming
  • Networking
  • Software
Internet
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Spy / Ad Blockers
  • Web Browsers
  • New Net Users
  • Web Development
  • Chat / IM
  • Anti Spam
  • Web Servers
  • Anti-Virus
  • Email Clients
Gamers
  • Tips
  • Online / MMORPG
  • Puzzle
  • Emulators
  • Action / Adventure
  • Role Playing
  • Consoles
  • Game Programming
  • Strategy
  • Sports
  • Misc
  • Computer Games
Digital Living
  • Hardware
  • Automotive
  • New Net Users
  • New Users
  • Software
  • Digital Music
  • Gaming World
  • Home Security
  • Apple
  • Networking Hardware
Virus & Spyware
  • Vulnerabilities
  • IDS
  • Encryption
  • Anti-Virus
  • Operating Systems Security
  • Software Firewalls
  • WebApplications
  • Cell Phones
  • Operating Systems
  • Internet
  • Hardware Firewalls
Hardware
  • Displays / Monitors
  • Handhelds / PDAs
  • Components
  • Peripherals
  • Laptops/Notebooks
  • Servers
  • Misc
  • Apple
  • Embedded Hardware
  • Networking Hardware
  • Storage
  • Desktops
  • New Users
Software
  • System Utilities
  • Industry Specific
  • Network Management
  • Photos / Graphics
  • Page Layout
  • VMware
  • Misc
  • Web Development
  • OS
  • CYGWIN
  • Voice Recognition
  • Virtualization
  • Message Queue
  • Quality Assurance
  • Security
  • Firewalls
  • MultiMedia Applications
  • Development
  • Database
  • Office / Productivity
  • Business Management
  • OS/2 Apps
  • Server Software
  • Internet / Email
ITPro
  • OS
  • Storage
  • Encryption
  • Operating Systems Security
  • Apple Hardware
  • Laptops & Notebooks
  • Servers
  • Networking Hardware
  • Peripherals
  • Devices
  • Displays / Monitors
  • WebTrends / Stats
  • Search Engines
  • Firewalls
  • Web Computing
  • WebApplications
  • IDS
  • Vulnerabilities
  • Email Clients
  • File Sharing
  • Spy / Ad Blockers
  • Web Browsers
  • Web Servers
  • Networking
  • Anti-Virus
  • Consulting
  • Chat / IM
  • Anti Spam
Developer
  • Web Servers
  • Web Browsers
  • Game Programming
  • Dev Tools
  • Industry Specific
  • Office / Productivity
  • Database
  • CYGWIN
  • Web Development
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Programming
  • Content Management
  • Application Servers
  • Protocols
Storage
  • Removable Backup Media
  • Storage Technology
  • Servers
  • Grid
  • Remote Access
  • Backup / Restore
  • Misc
  • Hard Drives
OS
  • Miscellaneous
  • Security
  • Development
  • Linux
  • VMware
  • MainFrame OS
  • Unix
  • Apple
  • OS / 2
  • AS / 400
  • BeOS
  • Microsoft
  • VMS / OpenVMS
Database
  • Oracle
  • Miscellaneous
  • MySQL
  • Software
  • Sybase
  • Contact Management
  • PostgreSQL
  • Data Manipulation
  • Clarion
  • InterSystems Cache
  • Siebel
  • MUMPS
  • OLAP
  • SQLBase
  • SAS
  • GIS & GPS
  • 4GL
  • Berkeley DB
  • DB2
  • Informix
  • Interbase / Firebird
  • FoxPro
  • Reporting
  • LDAP
  • Filemaker Pro
  • MS SQL Server
  • dBase
  • MS Access
Security
  • Misc
  • Web Browsers
  • Software Firewalls
  • Operating Systems Security
  • File Sharing
  • Spy / Ad Blockers
  • Vulnerabilities
  • WebApplications
  • IDS
  • Anti-Virus
  • Encryption
  • Anti Spam
  • Email Clients
  • VPN
  • Chat / IM
Programming
  • Editors IDEs
  • Installation
  • Handhelds / PDAs
  • Multimedia Programming
  • System / Kernel
  • Automation
  • Algorithms
  • Game
  • Signal Processing
  • Project Management
  • Open Source
  • Database
  • Misc
  • Languages
  • Processor Platforms
  • Theory
Web Development
  • Scripting
  • Blogs
  • Web Servers
  • Software
  • Search Engines
  • Web Graphics
  • Web Services
  • Images
  • Internet Marketing
  • Images and Photos
  • Components
  • Document Imaging
  • Web Languages/Standards
  • Illustration
  • WebApplications
  • Fonts
  • WebTrends / Stats
  • Authoring
  • Digital Camera Software
  • Miscellaneous
Networking
  • Protocols
  • Apple Networking
  • Network Management
  • Message Queue
  • Application Servers
  • Content Management
  • File Servers
  • Email Servers
  • Misc
  • Java Editors & IDEs
  • Wireless
  • Networking Hardware
  • Backup / Restore
  • System Utilities
  • ISPs & Hosting
  • Web Servers
  • Storage Technology
  • Removable Backup Media
  • Servers
  • Web Computing
  • Broadband
  • Grid
  • OS / 2
  • Novell Netware
  • Unix Networking
  • Windows Networking
  • Security
  • Telecommunications
  • Operating Systems
  • Linux Networking
Other
  • Lounge
  • Business Travel
  • Community Support
  • New Net Users
  • Philosophy / Religion
  • Math / Science
  • Miscellaneous
  • URLs
  • Expert Lounge
  • Politics
  • Puzzles / Riddles
  • Automotive
Community Support
  • Suggestions
  • New to EE
  • New Topics
  • CleanUp
  • Announcements
  • General
  • Feedback
  • Input
  • EE Bugs
 
02.10.2008 at 08:09AM PST, ID: 20861492

Rank: Wizard

rsivanandan:
Best solution would be to rework and change the ip subnet on the remote site.

The other solution would be to nat the remote side subnet to something else while connected through VPN.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9950.shtml

The link above should show you how to approach the second option.

Cheers,
Rajesh
Accepted Solution
 
02.10.2008 at 06:43PM PST, ID: 20863678
tourist08:
Now would I have to change anything as far as DNS on the remote site?  Because I'm curious how the remote site will see the Exchange server on the main site as if it were on the same network (so outlook can be setup without having to use OWA) or will the VPN setup handle this?  I'm going to try all this tomorrow but for now I'm just trying to get an idea how it will all come together.  
 
02.12.2008 at 07:00PM PST, ID: 20881310

Rank: Wizard

rsivanandan:
Why are you deleting this question? Did you go through the link, the problem you have is not just one unique you have, actually a lot of networks do have this.

As far as your DNS and other servers go, routing takes care of all of that. For example, it is not necessary to have the DNS server on the same subnet as your network is.

Cheers,
Rajesh
 
02.13.2008 at 12:13PM PST, ID: 20887672
tourist08:
Sorry I got a little jumpy with deleting the question.  You were right though two subnets is easier.  Can I still reward you points?
 
 
rsivanandan
02.13.2008 at 05:14PM PST, ID: 20890086
Try it out and lemme know.

Cheers,
Rajesh

Thnx for the points.
 
 
tourist08
02.13.2008 at 05:41PM PST, ID: 20890243
I tried it out and with a little tweaking with the firewall(thanks to batryboy) and conditional forwarding with the DNS serves everything is good.  What I wanted to get with my question was basically some ideas of different setups and difficulty ranges just to get a view on what's possible.  And when nobody really answered I figured it might have been a stupid question.  Thanks for the suggestion though, that's what worked.  
 
 
 
20080716-EE-VQP-33 / EE_QW_2_20070628