Solved

VPN between 10 remote offices and and 50 connections

Posted on 2011-09-19
12
590 Views
Last Modified: 2013-11-16
Our office that has a Windows 2000 Server using Routing and remote access to connect 50 user spread among 10 remote offices.  Security is a concern and we need to replace with a cost effective solution.   Right now every connects to the Server using MS VPN connection.  From there a front end application on each machine accessing a separate linux server on the network

0
Comment
Question by:dbeayon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36565359
Cost effective..........

Do you have a certain budget for that?
0
 

Author Comment

by:dbeayon
ID: 36566737
Here is what we are looking at...

ASA5505 with 50 client licenses that will be installed on the individual clients. Cost 500

1841SEC-K9 in main office, 861K9 in remote offices. Cost  4500

Will the ASA 5505 at a cost under $500 work?  
0
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 36566850
I'd advise you to have a 5510 at least for this (not sure of the prices at your place).
Have a look at: http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html#~mid-range
0
Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

 

Author Comment

by:dbeayon
ID: 36566965
how stable are the VPN software connections?  Offices are using Road Runner business class
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36566987
I can of course only speak from my own experience (ASA's with Cisco secure vpn clients worldwide), but I dare to say I have had little problems with that (nothing that a little tweaking couldn't resolve :).
0
 

Author Comment

by:dbeayon
ID: 36567019
I need to have the client pc's remian connected t the VPN at all times.  otherwise the front end application will crash.

Also what advantages will I get from tripling costs to the 5510?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36567064
Well, normal performance.

What I mean is that I am very sure a 5505 can't handle that number of vpn's. Even more (have a look at the link I posted) a 5505 has a max of 10/25 vpn connections. So if you would go for the ASA, a 5505 really isn't an option.
0
 

Author Comment

by:dbeayon
ID: 36567389
Ok.   I called Cisco, and they said that the asa 5505 will work and that there is a 50 client version that you can purchase, a stated in my original question.  "ASA5505 with 50 client licenses that will be installed on the individual clients. Cost 500"

Also gleaned from the Cisco rep, that there re only 2 VPN Tunnels sold with this price point, but more can be added in the future. so if we need to go with VPN to VPN in the future, we can
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36567465
Remember that clients here refers to the number of machines on the inside of the ASAthat can connect through it to the internet, not external clients connecting through vpn.
I also find it interesting that in the specs they state a max of 25 vpns and a cisco (sales?) person tells you evrything is possible. It might be theoretically possible, but how about performance?
0
 

Author Closing Comment

by:dbeayon
ID: 36567519
5510 it is
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36567632
Imho that is the wisest choice.

Thanks for the points.
0

Featured Post

Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question