Solved

VPN across the internet

Posted on 2003-10-29
6
202 Views
Last Modified: 2010-03-18
Our Company is just about to setup a new office, we are installing a 2Mb adsl line to our ISP via  a BT (cisco) router, we have a win2k domain with 2 x 2Mb bound channel to the ISP with a Cisco router with a VPN snapin.

As this new office is going to be used for Young Adult learners (18 - 24) we dont want them to access the main resources of the HQ headoffice but we would like to access them incase for support issues & updates to various tools (AV etc.....), we would like to log www access. We would like to use a new standalone w2k domain

current idea/s

Each workstation & the server will create a before logon VPN tunnel.

Any other ideas ?????????????

thanks

Kelvin
0
Comment
Question by:RSKel
  • 2
6 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 9642588
Hmm you could create a router to router tunnel, and force all traffic out of your main connection, this would allow you to monitor internet activity. You could use windows security to protect your hq resources.  In other words keep a couple of machines that are on the learner domain in your HQ that way you could get access to the server.
0
 
LVL 5

Accepted Solution

by:
abhatnagar earned 250 total points
ID: 9643563
I agree with ewtaylor. Just set up a point to point router connection from your HQ edge router to your remote site router using VPN for security. Then attach an access list to the tunnel from your HQ edge router. Just make sure the private addressing at both sites don't collide with one another. If you want to make the Internet available to the remote site then do this in one of two ways. 1. Setup split tunneling at the remote site router or 2. Proxy everything to your HQ and route it that way.
0
 

Author Comment

by:RSKel
ID: 9644651
My Boss does not want the learns domain www traffic to hit our backbone, ie... use the ISP as an ISP.

Pain aint he !!
0
 
LVL 11

Assisted Solution

by:ewtaylor
ewtaylor earned 250 total points
ID: 9645610
You should be ok, if you find traffic up it is only like an additional 3 lines to add split tunneling

http://www.cisco.com/en/US/products/sw/cscowork/ps3994/products_user_guide_chapter09186a00800e45c1.html
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question