• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 450
  • Last Modified:

Network configuration, design or software fix?

Scenario:

Our customer support department head wants to give his employees access to our network from the outside from anywhere in the world.  Solution: VPN  However, after the guys connect to our network, they want the ability to remotely control our support systems and use them to create another VPN tunnel into some of our customers networks to troubleshoot our products.  Problem:  when the vpn tunnel is created into the customer site, the vpn tunnel created to remotely control the support machines is lost.  

The company is small, so we're looking for a low-cost solution.  I know there are all sorts of things wrong with the way we are going about this, but I thought I would pick your brains for suggestions.
0
omneonbell
Asked:
omneonbell
2 Solutions
 
Robing66066Commented:
I would be tempted to put a VPN concentrator on the inside of your network and connect your employees to that using VPN client software.  From there, the user would use a remote takeover package (Such as Window's Remote Desktop Connection) to access your support systems.  From those systems, use client based VPN software (installed on the local device) to tunnel into your customer's network.  You will have to make sure that your VPN software doesn't close off outside connections when it establishes a connection.  I believe this is referred to as "split tunnelling".    

You can pick up a Cisco 1711 router as your VPN concentrator.  For a high-end name, it is reasonably priced.  If it is still too pricey, there are lower end alternatives.  Windows Remote Desktop is free, but is limited on what operating systems it will work (servers mostly).  If you want to control lower end operating systems, you may need to look at something like VNC or PCAnywhere on the support systems.

It's a little complicated, but it touches every base...

Good luck!
0
 
chicagoanCommented:
On the cheep, if you're going to be connecting to a variety of VPNs, you might consider setting up a terminal server inside for your remote employees with two NIC's on two seperate networks. Route your VPN DHCP network to one and set the other as the default on the terminal server, on which you can load the VPN clients you need for your customer, effectively segmenting your VPN traffic from the clients.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now