Re: HELP!!!

svalenzuela · ‎11-21-2001

My company has a client who currently has 2 offices connected by a private T1 using Pix at each site.

This client now is adding a 3rd office and wants to be able to connect to the other 2 offices using a VPN through the internet. They also want to be able to allow 4 mobile users the ability to use VPN from their own home ISP. I

First, is this possible?

Second, anyone have an idea on where I can get documentation or help implementing this? I have never set up a VPN before.

Third, are there any good books out there on Cisco Pix and VPN's? If so, can I have the ISBN #'s?

If anyone needs a diagram of what I am trying to explain above please email me at: svalenzuela@westech1.com and Ill send it to you.

Thx for your help,

Junior

8callaire · ‎11-22-2001

I think the way to go here is implementing a "full-mesh" VPN network through your 3 Internet entry points. I think that answers the feasibility. Adding VPN client is no problem either as long as you make sure that their "policies" will be delt after your VPN sites. Because your mobile users are bound not to have the same IP addresses each time they connect to the Internet, it's very important that those "wild card" source addresses are being treated AFTER the more precise and well-known Site addresses.

On the second and third point, I feel that the Cisco examples from the CCO would be more than sufficient to accomplish your task. I've delt with Cisco VPN for a very long time and , although there were errors in the configuration examples a year ago or so, the examples are now very mature and are exposing the solutions to your questions,

In the hope that this will help,

Charlieboy