10-26-2009 05:35 AM
This is probably a very simple question, but I'll ask anyway!
I have a couple of clients that want to set up a home office configuration providing a PC, wireless and VOIP handset configuration, providing the same functionality as though they were in the office.
At the main office, I have an ISR 877 providing a basic ASDL connection and connected to that I have an ASA5505 providing the firewall, VPN access etc.
I'm thinking that I can install a ISR 851 or similar at the home site, which will have it's WAN port connected to the existing Broadband router. I can then create a VPN connection (IPSec or Site-to-site?) to the main office through the ASA and hey presto, I have some happy users!!
The things that I want to clarify are:
1) Can the ISR 851 connected to an existing Broadband router through the FE, thus making a little secure business subnetwork within their home network.
2) Am I going to need an IP at the home end? Or would I ensure the connection through the VPN through other means?
3) Are there other, better ways to do this?
Bear in mind that there isn't a huge budget to change the main office setup. I really want to buy an ISR, configure and install....
Thanks in advance for any help...
Campbell Thompson
Solved! Go to Solution.
10-26-2009 06:40 AM
You do not need a public IP if you use EZVPN:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080808395.shtml
We used this once for a customer who had only one IP terminated on the router. We configured EZVPN on an ASA5505 but this should work with IOS routers as well.
regards,
Leo
10-26-2009 05:55 AM
The ADSL at mainoffice is a potential bottleneck. You will probably need more bandwidth in outward direction.
regards,
Leo
10-26-2009 06:23 AM
The ADSL is business class, with low contention and reasonable upload speeds so I don't think it's going to be too much of an issue as I'm only looking at two or possibly three users.
I'm more interested in the configuration and how that's going to work...
10-26-2009 06:40 AM
You do not need a public IP if you use EZVPN:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080808395.shtml
We used this once for a customer who had only one IP terminated on the router. We configured EZVPN on an ASA5505 but this should work with IOS routers as well.
regards,
Leo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide