Setting up remote to site ip sec VPN (Actiontech FIOS/Cisco ASA 5505)


I have a FIOS Actiontech router and static IP along with Cisco ASA 5505 appliance and want the ability for 3 or 4 users to connect from anywhere via the internet to the site utilizing a secure ip sec or SSL connection. There are no servers at the site, just a peer to peer Wintel network. Must be able to use RDS, print to site printers and access multiple systems/shared drives etc. What is the best route to take without being super complicated?

Who is Participating?
nmcnairConnect With a Mentor Commented:
Quick question/recommendation for the FiOS setup. Are you using or planning to ever use the FiOS tv service? If not then I would ditch the actiontec router. With a single static ip, the actiontec is going to use that ip unless you put it in "bridge mode" which in my experience is problematic with FiOS. Verizon has put what they call an niu (network interface unit) somewhere in your building. That's where the fiber terminates. They have 2 options from there, they can run coax from that box to your suite or they can run straight Ethernet. By default they go with coax and terminate on the actiontec which you need if your using their tv service as well. If not I would have them run the Ethernet option which eliminates the need for the actiontec. They can run Ethernet from the niu straight to your ASA, no modem/router needed. Then you can put the public ip on the Asa's outside interface. You will have to ask Verizon to come back out to switch you from coax to Ethernet but its a better setup. If you are going to use the tv service and need the actiontec then leave it on coax and order a block of ips so you don't have to attempt to bridge or use nat to allow connections back to your ASA.
Ernie BeekExpertCommented:
Well, there will always be a certain level of complexity ;)

If the ASA has a public IP you could terminate the VPNs on that. There are several ways to do this. Have a browse through:
And have a look at: Remote Access VPN, Easy VPN, SSL VPN/Web VPN, etc.

The choice might be complicated ;)
AskJeeves2112Author Commented:
Thanks for both replies - I appreciate it!
All Courses

From novice to tech pro — start learning today.