Solved

VPN across the internet

Posted on 2003-10-29
6
207 Views
Last Modified: 2010-03-18
Our Company is just about to setup a new office, we are installing a 2Mb adsl line to our ISP via  a BT (cisco) router, we have a win2k domain with 2 x 2Mb bound channel to the ISP with a Cisco router with a VPN snapin.

As this new office is going to be used for Young Adult learners (18 - 24) we dont want them to access the main resources of the HQ headoffice but we would like to access them incase for support issues & updates to various tools (AV etc.....), we would like to log www access. We would like to use a new standalone w2k domain

current idea/s

Each workstation & the server will create a before logon VPN tunnel.

Any other ideas ?????????????

thanks

Kelvin
0
Comment
Question by:RSKel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 9642588
Hmm you could create a router to router tunnel, and force all traffic out of your main connection, this would allow you to monitor internet activity. You could use windows security to protect your hq resources.  In other words keep a couple of machines that are on the learner domain in your HQ that way you could get access to the server.
0
 
LVL 5

Accepted Solution

by:
abhatnagar earned 250 total points
ID: 9643563
I agree with ewtaylor. Just set up a point to point router connection from your HQ edge router to your remote site router using VPN for security. Then attach an access list to the tunnel from your HQ edge router. Just make sure the private addressing at both sites don't collide with one another. If you want to make the Internet available to the remote site then do this in one of two ways. 1. Setup split tunneling at the remote site router or 2. Proxy everything to your HQ and route it that way.
0
 

Author Comment

by:RSKel
ID: 9644651
My Boss does not want the learns domain www traffic to hit our backbone, ie... use the ISP as an ISP.

Pain aint he !!
0
 
LVL 11

Assisted Solution

by:ewtaylor
ewtaylor earned 250 total points
ID: 9645610
You should be ok, if you find traffic up it is only like an additional 3 lines to add split tunneling

http://www.cisco.com/en/US/products/sw/cscowork/ps3994/products_user_guide_chapter09186a00800e45c1.html
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question