Solved

Network configuration, design or software fix?

Posted on 2003-11-18
2
431 Views
Last Modified: 2013-12-07
Scenario:

Our customer support department head wants to give his employees access to our network from the outside from anywhere in the world.  Solution: VPN  However, after the guys connect to our network, they want the ability to remotely control our support systems and use them to create another VPN tunnel into some of our customers networks to troubleshoot our products.  Problem:  when the vpn tunnel is created into the customer site, the vpn tunnel created to remotely control the support machines is lost.  

The company is small, so we're looking for a low-cost solution.  I know there are all sorts of things wrong with the way we are going about this, but I thought I would pick your brains for suggestions.
0
Comment
Question by:omneonbell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
Robing66066 earned 90 total points
ID: 9775966
I would be tempted to put a VPN concentrator on the inside of your network and connect your employees to that using VPN client software.  From there, the user would use a remote takeover package (Such as Window's Remote Desktop Connection) to access your support systems.  From those systems, use client based VPN software (installed on the local device) to tunnel into your customer's network.  You will have to make sure that your VPN software doesn't close off outside connections when it establishes a connection.  I believe this is referred to as "split tunnelling".    

You can pick up a Cisco 1711 router as your VPN concentrator.  For a high-end name, it is reasonably priced.  If it is still too pricey, there are lower end alternatives.  Windows Remote Desktop is free, but is limited on what operating systems it will work (servers mostly).  If you want to control lower end operating systems, you may need to look at something like VNC or PCAnywhere on the support systems.

It's a little complicated, but it touches every base...

Good luck!
0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 35 total points
ID: 9776021
On the cheep, if you're going to be connecting to a variety of VPNs, you might consider setting up a terminal server inside for your remote employees with two NIC's on two seperate networks. Route your VPN DHCP network to one and set the other as the default on the terminal server, on which you can load the VPN clients you need for your customer, effectively segmenting your VPN traffic from the clients.
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question