Solved

VPN across the internet

Posted on 2003-10-29
6
196 Views
Last Modified: 2010-03-18
Our Company is just about to setup a new office, we are installing a 2Mb adsl line to our ISP via  a BT (cisco) router, we have a win2k domain with 2 x 2Mb bound channel to the ISP with a Cisco router with a VPN snapin.

As this new office is going to be used for Young Adult learners (18 - 24) we dont want them to access the main resources of the HQ headoffice but we would like to access them incase for support issues & updates to various tools (AV etc.....), we would like to log www access. We would like to use a new standalone w2k domain

current idea/s

Each workstation & the server will create a before logon VPN tunnel.

Any other ideas ?????????????

thanks

Kelvin
0
Comment
Question by:RSKel
  • 2
6 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 9642588
Hmm you could create a router to router tunnel, and force all traffic out of your main connection, this would allow you to monitor internet activity. You could use windows security to protect your hq resources.  In other words keep a couple of machines that are on the learner domain in your HQ that way you could get access to the server.
0
 
LVL 5

Accepted Solution

by:
abhatnagar earned 250 total points
ID: 9643563
I agree with ewtaylor. Just set up a point to point router connection from your HQ edge router to your remote site router using VPN for security. Then attach an access list to the tunnel from your HQ edge router. Just make sure the private addressing at both sites don't collide with one another. If you want to make the Internet available to the remote site then do this in one of two ways. 1. Setup split tunneling at the remote site router or 2. Proxy everything to your HQ and route it that way.
0
 

Author Comment

by:RSKel
ID: 9644651
My Boss does not want the learns domain www traffic to hit our backbone, ie... use the ISP as an ISP.

Pain aint he !!
0
 
LVL 11

Assisted Solution

by:ewtaylor
ewtaylor earned 250 total points
ID: 9645610
You should be ok, if you find traffic up it is only like an additional 3 lines to add split tunneling

http://www.cisco.com/en/US/products/sw/cscowork/ps3994/products_user_guide_chapter09186a00800e45c1.html
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now