[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

vpn concretrator

Posted on 2014-04-10
2
Medium Priority
?
453 Views
Last Modified: 2014-04-15
What is vpn concentrator? What device i need for this?
does vpn terminate on this device ?
to provide access to internal devices do i need to make changes to my firewall considering i have this device on my dmz?
how many users or vpn connections it can take?
can i provide dhcp on this device?
can we provide ssl vpn using this device?
0
Comment
Question by:mohannitin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Accepted Solution

by:
pergr earned 2000 total points
ID: 39993496
A VPN Concentrator will terminate all VPN tunnels from remote users and/or branches.

Many firewalls can nowadays to this on the firewall itself, but some people chose to do it on a dedicated device, which may have more features and will offload the firewall to handle other things.

The tunnels are typically of two different types, either IPSec or SSL VPN.
Some vendors use different devices for "VPN Concentration" of IPSec and SSL VPN - especially for SSL VPN.

The number 1 in the market for SSL VPN termination over the last 10 years has been the Juniper SA/MAG devices, which are specifically dedicated on SSL VPN and has a rich feature set related to this, A normal Juniper firewall can not handle SSL VPN at all.

Many other vendors, such as Fortinet use exactly the same device for both firewall, IPSec termination and SSL VPN termination - and they have a reasonable feature set.

If it is a dedicated device, then yes, you would typically put it in the DMZ.

For very scalable solutions (tens of thousands of users) you would typically cluster several devices.

Yes, the device will allocate IP addresses to the VPN tunnels (although DHCP may not be the protocol used).
0
 

Author Closing Comment

by:mohannitin
ID: 40001852
thanks , awesome answer
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A few months ago I attended the Rocky Mountain IPv6 Summit which was a two-day educational event; it was the 3rd annual conference held here in Denver, Colorado that was held at the Hyatt Regency Denver at the Colorado Convention Center. It was an e…
I know for anybody starting from Beginner to Expert in Networking knows what OSI model. But this tutorial is for freshers or those who are new to networking world. Why I am putting OSI in such simple and compact manner is because it enables you to k…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question