Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Network configuration, design or software fix?

Posted on 2003-11-18
2
Medium Priority
?
446 Views
Last Modified: 2013-12-07
Scenario:

Our customer support department head wants to give his employees access to our network from the outside from anywhere in the world.  Solution: VPN  However, after the guys connect to our network, they want the ability to remotely control our support systems and use them to create another VPN tunnel into some of our customers networks to troubleshoot our products.  Problem:  when the vpn tunnel is created into the customer site, the vpn tunnel created to remotely control the support machines is lost.  

The company is small, so we're looking for a low-cost solution.  I know there are all sorts of things wrong with the way we are going about this, but I thought I would pick your brains for suggestions.
0
Comment
Question by:omneonbell
2 Comments
 
LVL 7

Accepted Solution

by:
Robing66066 earned 270 total points
ID: 9775966
I would be tempted to put a VPN concentrator on the inside of your network and connect your employees to that using VPN client software.  From there, the user would use a remote takeover package (Such as Window's Remote Desktop Connection) to access your support systems.  From those systems, use client based VPN software (installed on the local device) to tunnel into your customer's network.  You will have to make sure that your VPN software doesn't close off outside connections when it establishes a connection.  I believe this is referred to as "split tunnelling".    

You can pick up a Cisco 1711 router as your VPN concentrator.  For a high-end name, it is reasonably priced.  If it is still too pricey, there are lower end alternatives.  Windows Remote Desktop is free, but is limited on what operating systems it will work (servers mostly).  If you want to control lower end operating systems, you may need to look at something like VNC or PCAnywhere on the support systems.

It's a little complicated, but it touches every base...

Good luck!
0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 105 total points
ID: 9776021
On the cheep, if you're going to be connecting to a variety of VPNs, you might consider setting up a terminal server inside for your remote employees with two NIC's on two seperate networks. Route your VPN DHCP network to one and set the other as the default on the terminal server, on which you can load the VPN clients you need for your customer, effectively segmenting your VPN traffic from the clients.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question