Solved

VPN between 10 remote offices and and 50 connections

Posted on 2011-09-19
12
589 Views
Last Modified: 2013-11-16
Our office that has a Windows 2000 Server using Routing and remote access to connect 50 user spread among 10 remote offices.  Security is a concern and we need to replace with a cost effective solution.   Right now every connects to the Server using MS VPN connection.  From there a front end application on each machine accessing a separate linux server on the network

0
Comment
Question by:dbeayon
  • 6
  • 5
12 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36565359
Cost effective..........

Do you have a certain budget for that?
0
 

Author Comment

by:dbeayon
ID: 36566737
Here is what we are looking at...

ASA5505 with 50 client licenses that will be installed on the individual clients. Cost 500

1841SEC-K9 in main office, 861K9 in remote offices. Cost  4500

Will the ASA 5505 at a cost under $500 work?  
0
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 36566850
I'd advise you to have a 5510 at least for this (not sure of the prices at your place).
Have a look at: http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html#~mid-range
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:dbeayon
ID: 36566965
how stable are the VPN software connections?  Offices are using Road Runner business class
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36566987
I can of course only speak from my own experience (ASA's with Cisco secure vpn clients worldwide), but I dare to say I have had little problems with that (nothing that a little tweaking couldn't resolve :).
0
 

Author Comment

by:dbeayon
ID: 36567019
I need to have the client pc's remian connected t the VPN at all times.  otherwise the front end application will crash.

Also what advantages will I get from tripling costs to the 5510?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36567064
Well, normal performance.

What I mean is that I am very sure a 5505 can't handle that number of vpn's. Even more (have a look at the link I posted) a 5505 has a max of 10/25 vpn connections. So if you would go for the ASA, a 5505 really isn't an option.
0
 

Author Comment

by:dbeayon
ID: 36567389
Ok.   I called Cisco, and they said that the asa 5505 will work and that there is a 50 client version that you can purchase, a stated in my original question.  "ASA5505 with 50 client licenses that will be installed on the individual clients. Cost 500"

Also gleaned from the Cisco rep, that there re only 2 VPN Tunnels sold with this price point, but more can be added in the future. so if we need to go with VPN to VPN in the future, we can
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36567465
Remember that clients here refers to the number of machines on the inside of the ASAthat can connect through it to the internet, not external clients connecting through vpn.
I also find it interesting that in the specs they state a max of 25 vpns and a cisco (sales?) person tells you evrything is possible. It might be theoretically possible, but how about performance?
0
 

Author Closing Comment

by:dbeayon
ID: 36567519
5510 it is
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 36567632
Imho that is the wisest choice.

Thanks for the points.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question