cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
193
Views
10
Helpful
4
Replies
Highlighted
Beginner

VPN Questions from a complete noob..

I'll start by saying I have next to no experience with VPNs, aside from connecting to them from time-to-time.

 

We're looking at purchasing/setting up a VPN for remote access and I had a couple of questions. We'll probably only start w/ 20-30 users connecting, but that will steadily increase over time, with no idea of where we'll max out at.

 

1)  Do I need a concentrator? From what I've researched, they seem made more for large numbers of people connecting at a time.  Any suggestions on good ones for, lets say 200 max, users (if i need one)?

 

2) With VPN connections, is it possible to map a specific user logging in to a specific IP address/subnet on the inside network? Or would I need to setup multiple VPN connections and have users connect to whichever maps to the network that I want them in?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Advisor

Re: VPN Questions from a complete noob..

Hi,

No you don't necessarily need to have a dedicated VPN concentrator, large organsiations do for separation of roles rather than have one device do everything, this helps reduce complexity.

 

You can purchase the Cisco Firepower 1000 series firewalls, datasheet here. The FP1010 model support maximum 75 VPN peers, the 1020 model supports 150 VPN peers and the 1040 supports up to 400 VPN peers. You should purchase based on your maximum connections, so you might need to purchase the 1040

 

To assign a static IP address to users if you use LDAP to authenticate you can follow this guide, or alternatively if you use RADIUS follow this guide.

 

HTH

View solution in original post

4 REPLIES 4
Highlighted
VIP Advisor

Re: VPN Questions from a complete noob..

Hi,

No you don't necessarily need to have a dedicated VPN concentrator, large organsiations do for separation of roles rather than have one device do everything, this helps reduce complexity.

 

You can purchase the Cisco Firepower 1000 series firewalls, datasheet here. The FP1010 model support maximum 75 VPN peers, the 1020 model supports 150 VPN peers and the 1040 supports up to 400 VPN peers. You should purchase based on your maximum connections, so you might need to purchase the 1040

 

To assign a static IP address to users if you use LDAP to authenticate you can follow this guide, or alternatively if you use RADIUS follow this guide.

 

HTH

View solution in original post

Highlighted
Beginner

Re: VPN Questions from a complete noob..

@Rob Ingram Do they allow multiple pools on the inside with different subnets? ie, 192.168.15.0/24, 192.168.25.0/24?

Highlighted
VIP Advisor

Re: VPN Questions from a complete noob..

Yes, you can have multiple VPN pools or you can even use DHCP, this can be configured statically or dynamically via RADIUS.

HTH
Highlighted
Beginner

Re: VPN Questions from a complete noob..

Thanks! You're great, and thanks for answering my total noob question. Much appreciated.