Solved

VPN Box Model

Posted on 2008-06-25
14
620 Views
Last Modified: 2012-06-27
I am looking for a simple VPN box for my home connectivity.
I want a product apart from Cisco, Juniper, Nortel, NEC & Linksys.
Could anyone specify me with any other product for my VPN ? I am looking for a low end product.

0
Comment
Question by:RajeevSrikant
  • 7
  • 7
14 Comments
 
LVL 28

Expert Comment

by:Jan Springer
Comment Utility
I like the Cisco ASA 5505.  On CDW (I believe), it runs around $420.
0
 

Author Comment

by:RajeevSrikant
Comment Utility
how can i make the IP Sec tunnel between two VPN devices where both the devices are receiving dynamic IPs from different ISPs.



0
 
LVL 28

Expert Comment

by:Jan Springer
Comment Utility
I would think that you would use the dynamic crypto map statements with pre-shared keys and authentication (username, password) configured.
0
 

Author Comment

by:RajeevSrikant
Comment Utility
there is a option called Dynamic dns through which this can be achieved.
Could any one help me in understating how dynamic DNS works with IPSec in scenario where both the sides of the VPN devices are receiving IP address from DHCP
0
 
LVL 28

Expert Comment

by:Jan Springer
Comment Utility
Actually, you both setup crypto maps specifying dynamic remote (no peer address).  Use a pre-shared key.

Since you both have Internet access (to reach each other), just use the DNS server that you would normally use that is specified in  your workstation configuration.  This should not change unless I am misunderstanding what it is that you are trying to accomplish.
0
 

Author Comment

by:RajeevSrikant
Comment Utility
My requirement is as follows

I have two sites. In both the sites i have broadband internet connectivity. I receive DHCP IP from the service provider. I want to connect these two sites via IP sec VPN

How this can be achieved.
0
 
LVL 28

Expert Comment

by:Jan Springer
Comment Utility
So, is the question, how do I connect to a remote location when I don't know its IP? It doesn't matter if the IP is obtained via DHCP.  It does matter if the provider does not assign a publicly routed IP.

And do the providers expire and change your IP from time to time?  If that's the case, even a public IP will require a reconfiguration at both ends.  If it's not a public IP on at least one end, I just don't see that this workable.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:RajeevSrikant
Comment Utility
The dynamic IP address assigned is public at both the ends.
0
 
LVL 28

Expert Comment

by:Jan Springer
Comment Utility
So, you can create a point-to-point vpn bearing in mind that, if or when the IP of one end changes, you will need to update your peer statement with the new IP.  I wouldn't bother with dynamic crypto statements.
0
 

Author Comment

by:RajeevSrikant
Comment Utility
There is one option i explored which is the DDNS, through which we can regiested the hostname to the IP in websites like http://www.dyndns.com/
0
 
LVL 28

Expert Comment

by:Jan Springer
Comment Utility
dynamic crypto works with a firewall at one end (and a fixed configuration) and a client  with a dynamic IP at another end that initiates the connection.

I do not believe that you can set the peer with a hostname.
0
 

Author Comment

by:RajeevSrikant
Comment Utility
have a look at this website

http://www.dyndns.com/
0
 
LVL 28

Expert Comment

by:Jan Springer
Comment Utility
I'm familiar with dyndns.com.  What I can't find is any configuration option that suggests that, with the Cisco product, you can set a peer by hostname.
0
 

Accepted Solution

by:
RajeevSrikant earned 0 total points
Comment Utility
Cisco linksys VPN box supports it. I have tested it.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
IP Phones with SonicWall 6 68
Cisco ASA 5510 VPN Bandwidth Throttling 8 99
Sophos UTM Endpoint VPN 2 28
ASA AnyConnect tunneling 3 15
When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now