Re: Site-to-Site VPN
- From: "WPC479" <wpc479@xxxxxxxxx>
- Date: 13 Sep 2006 13:27:28 -0700
Thanks for your answers Bob.
1. The two T1 lines are at our main office and both go into our
NetVanta router, cant split them up due to our need for the lines for
business.
2. I am honestly confused a bit, I never configured the NetVanta and
dont want to interfere with its working now. I will try to figure out
how to get the PIX 506 and 515 to work together.
3. I have static at the main office, not sure about the remote. Right
now we have DSL there with static, but might get cable and they dont
offer static. Is this a major problem?
4. Will the SBS work initially? Or should I setup a domain controller
there at the start?
Thanks.
Robert L [MVP - Networking] wrote:
1. Since you have two T1 lines, I would use one as site to site VPN.
2. You can use Cisco PIX or NetVanta to setup site to site VPN. Here is the example,
VPN between ASA and NetVanta Situation: The client creates a site to site VPN between Cisco ASA5510 and NetVanta 2054, but it doesn't work. The links to check the ASA configuration and ...
www.chicagotech.net/cisco/vpnasa&netvanta1.htm
Cisco router firewall VPN between ASA 5510 and NetVanta 2054 - Case Study · Windows 2003 cannot access remote network using Cisco VPN. Can ping from the router but not from ...
www.chicagotech.net/ciscorouter.htm
3. It is better to have static IP on both sites.
4. I would setup another domain in the remote office.
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"WPC479" <wpc479@xxxxxxxxx> wrote in message news:1158155109.397980.46270@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I am working on my new project, I have asked about this before and now
ready to begin.
I want to set up a site-to-site VPN between our main office and our
remote office. I would like to give the remote office access to the
main as if they are just on a very long network cable and part of the
domain.
Our main office has the following
- 5 Windows 2003 Servers (DCs and Exhange)
- IPs 192.168.7.0
The internet connection is in this order:
1. 2 T-1 lines for data to internet.
2. AdTran Netvanta router
3. Cisco Catalyst 2912 Ethernet Switch (acts as DMZ I assume)
4. Cisco PIX 515 firewall
5. HP ProCurve Switches to users and servers
At our remote office with 15-20 users, and the remote has the
following:
- 1 Windows SBS 2003 (Will change over to Windows 2003 server if
needed)
- Internet access via DSL (with a static IP)
- Was planning to get business cable installed, but with dynamic IP
- IPs 192.168.1.0
I now have these to set up:
1. Cisco Catalyst Express 500 series (Do I even need this? Can I go
straight from dsl/cable modem to PIX)
2. Cisco PIX 506E firewall
3. HP ProCurve 2524
Do I have to upgrade the server from SBS to standard 2003 server first
and make them part of the domain?
I have documentation from cisco regarding a LAN to LAN VPN Tunnel
between 2 PIXes using PDM, and also Configuring Cisco Easy VPN with
PIX-to-PIX as Server CLient.
Since my main office PIX is already configured, I dont want to mess
anything up to disturb current and remote users.
I have never set anything like this up before, site-site or vpn. I
dont think I even need the catalyst.
Any ideas or direction?
Thanks a lot.
------=_NextPart_000_0018_01C6D717.CB2E8100
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Google-AttachSize: 4660
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2963" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV>1. Since you have two T1 lines, I would use one as site to site VPN.</DIV>
<DIV>2. You can use Cisco PIX or NetVanta to setup site to site VPN. Here
is the example,</DIV>
<DIV> </DIV>
<DIV>
<P class=g><A class=l
href="http://www.chicagotech.net/cisco/vpnasa&netvanta1.htm";><FONT
color=#663399>VPN between ASA and <B>NetVanta</B></FONT></A>
<TABLE cellSpacing=0 cellPadding=0 border=0>
<TBODY>
<TR>
<TD class=j><FONT size=-1>Situation: The client creates a site to site VPN
between <B>Cisco</B> ASA5510 and <B>NetVanta</B> 2054, but it doesn't
work. The links to check the ASA configuration and <B>...</B><BR><FONT
color=#008000><A
href="http://www.chicagotech.net/cisco/vpnasa&netvanta1.htm";>www.chicagotech.net/<B>cisco</B>/vpnasa&<B>netvanta</B>1.htm</A>
</FONT></FONT></TD></TR></TBODY></TABLE>
<P class=g><A class=l href="http://www.chicagotech.net/ciscorouter.htm";><FONT
color=#663399><B>Cisco</B> router firewall</FONT></A>
<TABLE cellSpacing=0 cellPadding=0 border=0>
<TBODY>
<TR>
<TD class=j><FONT size=-1>VPN between ASA 5510 and <B>NetVanta</B> 2054 -
Case Study · Windows 2003 cannot access remote network using <B>Cisco</B>
VPN. Can ping from the router but not from <B>...</B><BR><FONT
color=#008000><A
href="http://www.chicagotech.net/ciscorouter.htm";>www.chicagotech..net/<B>cisco</B>router.htm</A>
</FONT></FONT></TD></TR></TBODY></TABLE></P></DIV>
<DIV>3. It is better to have static IP on both sites.</DIV>
<DIV>4. I would setup another domain in the remote office.</DIV>
<DIV><BR>Bob Lin, MS-MVP, MCSE & CNE<BR>Networking, Internet, Routing, VPN
Troubleshooting on <A
href="http://www.ChicagoTech.net";>http://www.ChicagoTech.net</A> <BR>How to
Setup Windows, Network, VPN & Remote Access on <A
href="http://www.HowToNetworking.com";>http://www.HowToNetworking.com</A> </DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"WPC479" <<A href="mailto:wpc479@xxxxxxxxx";>wpc479@xxxxxxxxx</A>>
wrote in message <A
href="news:1158155109.397980.46270@xxxxxxxxxxxxxxxxxxxxxxxxxxx";>news:1158155109.397980.46270@xxxxxxxxxxxxxxxxxxxxxxxxxxx</A>...</DIV>I
am working on my new project, I have asked about this before and now<BR>ready
to begin.<BR>I want to set up a site-to-site VPN between our main office and
our<BR>remote office. I would like to give the remote office access to
the<BR>main as if they are just on a very long network cable and part of
the<BR>domain.<BR><BR>Our main office has the following<BR>- 5 Windows 2003
Servers (DCs and Exhange)<BR>- IPs 192.168.7.0<BR>The internet connection is
in this order:<BR>1. 2 T-1 lines for data to internet.<BR>2. AdTran Netvanta
router<BR>3. Cisco Catalyst 2912 Ethernet Switch (acts as DMZ I assume)<BR>4.
Cisco PIX 515 firewall<BR>5. HP ProCurve Switches to users and
servers<BR><BR><BR>At our remote office with 15-20 users, and the remote has
the<BR>following:<BR>- 1 Windows SBS 2003 (Will change over to Windows 2003
server if<BR>needed)<BR>- Internet access via DSL (with a static IP)<BR>- Was
planning to get business cable installed, but with dynamic IP<BR>- IPs
192.168.1.0<BR>I now have these to set up:<BR>1. Cisco Catalyst Express 500
series (Do I even need this? Can I go<BR>straight from dsl/cable modem to
PIX)<BR>2. Cisco PIX 506E firewall<BR>3. HP ProCurve 2524<BR><BR>Do I have to
upgrade the server from SBS to standard 2003 server first<BR>and make them
part of the domain?<BR><BR>I have documentation from cisco regarding a LAN to
LAN VPN Tunnel<BR>between 2 PIXes using PDM, and also Configuring Cisco Easy
VPN with<BR>PIX-to-PIX as Server CLient.<BR>Since my main office PIX is
already configured, I dont want to mess<BR>anything up to disturb current and
remote users.<BR><BR>I have never set anything like this up before, site-site
or vpn. I<BR>dont think I even need the catalyst.<BR><BR>Any ideas or
direction?<BR><BR>Thanks a lot.<BR></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0018_01C6D717.CB2E8100--
.
- References:
- Site-to-Site VPN
- From: WPC479
- Site-to-Site VPN
- Prev by Date: Re: IAS as RADIUS
- Next by Date: Block msn messenger
- Previous by thread: Site-to-Site VPN
- Next by thread: Services for Macintosh
- Index(es):
Relevant Pages
|
|
