?
Solved

VPN across the internet

Posted on 2003-10-29
6
Medium Priority
?
209 Views
Last Modified: 2010-03-18
Our Company is just about to setup a new office, we are installing a 2Mb adsl line to our ISP via  a BT (cisco) router, we have a win2k domain with 2 x 2Mb bound channel to the ISP with a Cisco router with a VPN snapin.

As this new office is going to be used for Young Adult learners (18 - 24) we dont want them to access the main resources of the HQ headoffice but we would like to access them incase for support issues & updates to various tools (AV etc.....), we would like to log www access. We would like to use a new standalone w2k domain

current idea/s

Each workstation & the server will create a before logon VPN tunnel.

Any other ideas ?????????????

thanks

Kelvin
0
Comment
Question by:RSKel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 9642588
Hmm you could create a router to router tunnel, and force all traffic out of your main connection, this would allow you to monitor internet activity. You could use windows security to protect your hq resources.  In other words keep a couple of machines that are on the learner domain in your HQ that way you could get access to the server.
0
 
LVL 5

Accepted Solution

by:
abhatnagar earned 1000 total points
ID: 9643563
I agree with ewtaylor. Just set up a point to point router connection from your HQ edge router to your remote site router using VPN for security. Then attach an access list to the tunnel from your HQ edge router. Just make sure the private addressing at both sites don't collide with one another. If you want to make the Internet available to the remote site then do this in one of two ways. 1. Setup split tunneling at the remote site router or 2. Proxy everything to your HQ and route it that way.
0
 

Author Comment

by:RSKel
ID: 9644651
My Boss does not want the learns domain www traffic to hit our backbone, ie... use the ISP as an ISP.

Pain aint he !!
0
 
LVL 11

Assisted Solution

by:ewtaylor
ewtaylor earned 1000 total points
ID: 9645610
You should be ok, if you find traffic up it is only like an additional 3 lines to add split tunneling

http://www.cisco.com/en/US/products/sw/cscowork/ps3994/products_user_guide_chapter09186a00800e45c1.html
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
An article on effective troubleshooting
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question