cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1223
Views
5
Helpful
4
Replies

About VPN

francisgamo
Level 1
Level 1

Hello experts,

     Just a simple question to clear out my doubts.

I have Microsoft Grait Plains which i want to implement as our ERP system, I have two branches that i want to get connected to my HQ wherein my SQL server is being hosted, the problem is, these two branch is using same ISP through 4G, and my HQ is subscribed to another ISP which uses a DSL connection.

Q: what are needed to connect all my corporate network using site to site VPN.

1 Accepted Solution

Accepted Solutions

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

Cant really comment regardning the 4G

For L2L VPN between the different branches the basic requirement would be to have a static public IP address that you can configure on a device doing the L2L VPN in each branch office.

If the public IP address of the VPN device is Dynamic, it will require a bit more planning and configuring depending if you are going to use routers or firewalls.

Are you planning on using Cisco ASA/PIX firewalls perhaps on the branches or do they already have some devices you were planning on using?

Using one central Cisco ASA firewall and perhaps ASA5505 at the remote side would give you a chance to rather easily connect all the 3 sites (through the central ASA) without needing Static Public IP addresses at the smaller branches.

- Jouni

View solution in original post

4 Replies 4

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

Cant really comment regardning the 4G

For L2L VPN between the different branches the basic requirement would be to have a static public IP address that you can configure on a device doing the L2L VPN in each branch office.

If the public IP address of the VPN device is Dynamic, it will require a bit more planning and configuring depending if you are going to use routers or firewalls.

Are you planning on using Cisco ASA/PIX firewalls perhaps on the branches or do they already have some devices you were planning on using?

Using one central Cisco ASA firewall and perhaps ASA5505 at the remote side would give you a chance to rather easily connect all the 3 sites (through the central ASA) without needing Static Public IP addresses at the smaller branches.

- Jouni

Hello Mr.Jouni,

        Thanks a lot for your answer, by the way in my current set up, i have Cisco1841 in HQ and Cisco 1800 in my two more branches, are those devices would be enough for my purpose?

Thanks,

francis

Hi,

Unfortunately I have very little expirience doing VPN with routers (mostly just the configurations format for VPN/NAT/etc is abit rusty when I almost only deal with ASA and some other Cisco firewall/VPN devices)

On router side I have used both 1841+3G-HWIC and C881G for 3G + EasyVPN implementations.

I guess it might be possible to configure the 1841 as the central VPN server and connect the branch routers to it as NEM clients (Network extension mode) or with L2L VPN if you have static public IP address on the branch routers.

I have to admit also that I'm not sure how the VPN capabilities with Cisco routers go. For example can your routers do VPN or do they need some certain router software/license to use them.

- Jouni

Hello,

   yes they are capable for VPN, just upgrading their IOS through cisco smartnet, thank you so much, I will ask my ISP for the public ip of my networks and i'll try to proceed with the configuration.

Francis