Solved

Network configuration, design or software fix?

Posted on 2003-11-18
2
429 Views
Last Modified: 2013-12-07
Scenario:

Our customer support department head wants to give his employees access to our network from the outside from anywhere in the world.  Solution: VPN  However, after the guys connect to our network, they want the ability to remotely control our support systems and use them to create another VPN tunnel into some of our customers networks to troubleshoot our products.  Problem:  when the vpn tunnel is created into the customer site, the vpn tunnel created to remotely control the support machines is lost.  

The company is small, so we're looking for a low-cost solution.  I know there are all sorts of things wrong with the way we are going about this, but I thought I would pick your brains for suggestions.
0
Comment
Question by:omneonbell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
Robing66066 earned 90 total points
ID: 9775966
I would be tempted to put a VPN concentrator on the inside of your network and connect your employees to that using VPN client software.  From there, the user would use a remote takeover package (Such as Window's Remote Desktop Connection) to access your support systems.  From those systems, use client based VPN software (installed on the local device) to tunnel into your customer's network.  You will have to make sure that your VPN software doesn't close off outside connections when it establishes a connection.  I believe this is referred to as "split tunnelling".    

You can pick up a Cisco 1711 router as your VPN concentrator.  For a high-end name, it is reasonably priced.  If it is still too pricey, there are lower end alternatives.  Windows Remote Desktop is free, but is limited on what operating systems it will work (servers mostly).  If you want to control lower end operating systems, you may need to look at something like VNC or PCAnywhere on the support systems.

It's a little complicated, but it touches every base...

Good luck!
0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 35 total points
ID: 9776021
On the cheep, if you're going to be connecting to a variety of VPNs, you might consider setting up a terminal server inside for your remote employees with two NIC's on two seperate networks. Route your VPN DHCP network to one and set the other as the default on the terminal server, on which you can load the VPN clients you need for your customer, effectively segmenting your VPN traffic from the clients.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
setting up a wifi network with public access for a restaurant 4 77
what is mstp 6 61
IR 1023 Scanning 4 50
VLAN 1 Line Protocol Down 9 33
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question