Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

adtran ta 608, cisco pix 501, win2k3 server, virtual private networking

Posted on 2005-04-25
3
Medium Priority
?
688 Views
Last Modified: 2008-01-09
OK, here is another question to all you experts, I know you can help me learn something new.

We just got a T1 line install (the data portion anyways). They installed an AdTran TA 608 router. We have a Cisco PIX 501 firewall, and a Windows 2003 Server.

Installation went fine and the internet is very fast. Now for the fun stuff.

In order for the AdTran to port forward, I have to call the ISP to set that up. I asked if it wsa possible for me to do it and they will send me a username/password to login to the AdTran.

We are going to be opening another store in the near future with DSL or cable internet and 2 Windows XP Pro machines.

In our current store with the T1 we have it setup like, AdTran to outside interface of PIX, 1 inside interface to lan with server attached to lan. We are going to need a vpn so we can share a database to the other store requiring file sharing. Also employees on the road will need to take pda cellphones to get access to the database as well.
I have read that the AdTran should be connected to the Windows Server, and a 2nd nic to the lan.

Should I setup this way or am I ok? And how would I go about setting up the VPN for this situation?

I am a noobie to T1 and vpn but am learning. TIA.
0
Comment
Question by:subsis10ce
3 Comments
 
LVL 3

Assisted Solution

by:mtpcbypc
mtpcbypc earned 500 total points
ID: 13864263
Have the ISP port forward the PPTP or L2TP ports to your WAN port of the Cisco,  Then configure the Cisco to port forward those same ports to the WAN NIC on the 03 server.  Then use wizard in 03 server to create the VPN login security. Check this out. Why to pick a protocol - http://www.windowsecurity.com/articles/VPN-Options.html

and these from Remond,
 
http://support.microsoft.com/default.aspx?scid=kb;en-us;816573
http://support.microsoft.com/default.aspx?scid=kb;en-us;323441
both were quite helpful with my first one.
Good luck Server 03 makes it pretty easy
0
 
LVL 4

Accepted Solution

by:
Gen2003 earned 500 total points
ID: 13866090
You can make your PIX be a VPN concentrator so people will connect to PIX and have VPN connection. Thus PIX has to be set up as VPN termination point and AdTran has to be transparent(I guess it is already transparent if your PIX has public IP on outside interface, if not ask ISP to reconfigure AdTran and PIX so PIX has public IP on outside interface). No need to connect AdTran to your LAN as it will be a serious security issue especially having PIX but bypassing it is a waste of investment in PIX.

Regards.
0
 

Author Comment

by:subsis10ce
ID: 13900861
OK, I setup the Windows 2003 Server to accept incoming VPN connections, and it works fine internaly. I *think* I setup the Cisco PIX 501 to poit VPN connections to the server, so hopefully that is ok.

I did however, contact FDN and they made me an account on the AdTran. I do not see any options for port forwarding in the AdTran.

They did setup port forward port 3389 for RDP for me but I cannot find that in the AdTran to look as an example.

But this is for another question. Thanks guys you helped me out. And those links were great as well.

Definetly I figured that the PIX should be between our lan and AdTran...
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question