Solved

Network configuration, design or software fix?

Posted on 2003-11-18
2
437 Views
Last Modified: 2013-12-07
Scenario:

Our customer support department head wants to give his employees access to our network from the outside from anywhere in the world.  Solution: VPN  However, after the guys connect to our network, they want the ability to remotely control our support systems and use them to create another VPN tunnel into some of our customers networks to troubleshoot our products.  Problem:  when the vpn tunnel is created into the customer site, the vpn tunnel created to remotely control the support machines is lost.  

The company is small, so we're looking for a low-cost solution.  I know there are all sorts of things wrong with the way we are going about this, but I thought I would pick your brains for suggestions.
0
Comment
Question by:omneonbell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
Robing66066 earned 90 total points
ID: 9775966
I would be tempted to put a VPN concentrator on the inside of your network and connect your employees to that using VPN client software.  From there, the user would use a remote takeover package (Such as Window's Remote Desktop Connection) to access your support systems.  From those systems, use client based VPN software (installed on the local device) to tunnel into your customer's network.  You will have to make sure that your VPN software doesn't close off outside connections when it establishes a connection.  I believe this is referred to as "split tunnelling".    

You can pick up a Cisco 1711 router as your VPN concentrator.  For a high-end name, it is reasonably priced.  If it is still too pricey, there are lower end alternatives.  Windows Remote Desktop is free, but is limited on what operating systems it will work (servers mostly).  If you want to control lower end operating systems, you may need to look at something like VNC or PCAnywhere on the support systems.

It's a little complicated, but it touches every base...

Good luck!
0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 35 total points
ID: 9776021
On the cheep, if you're going to be connecting to a variety of VPNs, you might consider setting up a terminal server inside for your remote employees with two NIC's on two seperate networks. Route your VPN DHCP network to one and set the other as the default on the terminal server, on which you can load the VPN clients you need for your customer, effectively segmenting your VPN traffic from the clients.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question