Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

VPN with a Cisco 2611

Posted on 2004-09-27
6
Medium Priority
?
1,169 Views
Last Modified: 2008-01-09
Hello,
I work at a small company. We have 2 DC with DHCP, DNS, and AD. We also have an Exchange server and a Web server. We have a T1 line coming in and our domain is behind a Netgear firewall and the webserver is behind another Netgear firewall. We have a single new Cisco 2611 router that was here before I started and is presently not hooked up. The company has about 35 salesmen that are across 2 states that will need access to the network. Is it possible to use the Cisco router to let the salesmen VPN into the network with just client software on their end so they can connect any where there is an internet connection? And how would this be configured? The router has IOS v 12.2
0
Comment
Question by:crazijoe
  • 3
  • 2
6 Comments
 
LVL 15

Expert Comment

by:Yan_west
ID: 12164204
Why don't you use the netgear firewall to create your VPN Connection??
0
 
LVL 7

Author Comment

by:crazijoe
ID: 12164246
The Netgear firewall are FVS318. It will only support 8 tunnels. I was even thinking about replacing one of the Netgears with the Cicso.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 12165077
Yes, but...
You need the IPSEC feature set on the 2611 router, which probably means a memory upgrade, both flash and DRAM - mucho $$. Plus, you have to have a CCO account with some type SmartNet to get the VPN client software.
Then you will have the problem of terminating the VPN's on the outside of the Netgear firewall and trying to permit traffic into the local LAN...
Suggest swapping out the Netgear for a Cisco PIX 506e or 515e if you can afford it. Virtually unlimited VPN client connections.
Replacing both netgears with a single 515e with DMZ interface will give you the most robust control over your network. The 515 supports up to 2000 simultaneous VPN connections. List price or Restricted license and 3 interfaces is $3695
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
LVL 7

Author Comment

by:crazijoe
ID: 12168739
lrmoore
This is a little new to me.
So the PIX 506e will let clients remote in with just a internet connection and without the need for a VPN router on their end?
 I have seen this done at another company where the remote client will just connect to the internet through a hot spot, connecting to a cable modem, or hooking up to a phone jack through an ISP. Then clicking on a VPN connection icon on his desktop and he is in his company network.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12168766
That is exactly how it would work using the PIX and the Cisco VPN Client.
0
 
LVL 7

Author Comment

by:crazijoe
ID: 12168800
lrmoore,
That 's what I needed to know.
Appreciate the help.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question