Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

VPN across the internet

Posted on 2003-10-29
6
Medium Priority
?
216 Views
Last Modified: 2010-03-18
Our Company is just about to setup a new office, we are installing a 2Mb adsl line to our ISP via  a BT (cisco) router, we have a win2k domain with 2 x 2Mb bound channel to the ISP with a Cisco router with a VPN snapin.

As this new office is going to be used for Young Adult learners (18 - 24) we dont want them to access the main resources of the HQ headoffice but we would like to access them incase for support issues & updates to various tools (AV etc.....), we would like to log www access. We would like to use a new standalone w2k domain

current idea/s

Each workstation & the server will create a before logon VPN tunnel.

Any other ideas ?????????????

thanks

Kelvin
0
Comment
Question by:RSKel
  • 2
4 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 9642588
Hmm you could create a router to router tunnel, and force all traffic out of your main connection, this would allow you to monitor internet activity. You could use windows security to protect your hq resources.  In other words keep a couple of machines that are on the learner domain in your HQ that way you could get access to the server.
0
 
LVL 5

Accepted Solution

by:
abhatnagar earned 1000 total points
ID: 9643563
I agree with ewtaylor. Just set up a point to point router connection from your HQ edge router to your remote site router using VPN for security. Then attach an access list to the tunnel from your HQ edge router. Just make sure the private addressing at both sites don't collide with one another. If you want to make the Internet available to the remote site then do this in one of two ways. 1. Setup split tunneling at the remote site router or 2. Proxy everything to your HQ and route it that way.
0
 

Author Comment

by:RSKel
ID: 9644651
My Boss does not want the learns domain www traffic to hit our backbone, ie... use the ISP as an ISP.

Pain aint he !!
0
 
LVL 11

Assisted Solution

by:ewtaylor
ewtaylor earned 1000 total points
ID: 9645610
You should be ok, if you find traffic up it is only like an additional 3 lines to add split tunneling

http://www.cisco.com/en/US/products/sw/cscowork/ps3994/products_user_guide_chapter09186a00800e45c1.html
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
An article on effective troubleshooting
Integration Management Part 2
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question