11-12-2012 02:28 PM
I am getting ready to setup an RVS4000 so we can use the VPN functionality of it, but I am not quite sure of the correct way to integrate it into our network though. I do not need site to site, just the client portion of it for a few salesmen/off site people to use. I have never used or setup a VPN before, so I'm learning everything as I go along.
We are in the middle of switching our ISP and I am waiting to set this up until the new service is live so I can test it prior to moving the rest of the company to the new ISP.
We are switching to Comcast, and will have 5 static IP's available to use. Currently, the firewall does all our NAT and is the forward facing device on our network. I would like to leave the firewall in place (although I am setting up a new firewall for the new internet connection) and have th RVS 4000 sit behind it and receive VPN traffic from a WAN to LAN rule We currently have a 192.168.100.0/24 network.
Do I need to setup another /24 network for the VPN to function behind (and still have access to the 100.X network), or is there a way to allow everyone who connects to receive a 100.X ip address from our DHCP server. I'm not sure how to set everything up with the WAN/LAN connections on the RVS4000 to acheive this.
We are running a domain on a 2008R2 server. The clients will be using laptops that are already part of the domain, if that will make a difference.
Thanks ahead to time for any help!
Kevin
11-18-2012 01:54 AM
Hi,
For the RVS4000 you will want to make sure that you apply one of your public static IP address to the WAN interface of the device. This may mean that you will need some configuration on your current firewall to ensure that a public IP address is assigned to the RVS. I would talk to the administrators of your firewall to make sure this is a possibility before completing any further planning. The answer could affect which direction to take the network.
Thank you,
Jason Nickle
11-19-2012 06:58 AM
I don't believe the firewall has that functionality in it (to directly assign an external IP address to something on the LAN side of it). The modem we will be receiving from Comcast does have a 5 port switch built into it, so I think I could just assign one of the 5 static addresses to the RVS WAN interface. (I'm open to other ideas if you think of something)
Thanks
Kevin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide