VPN Recommendation

benkl1 · ‎09-30-2003

Hi, I am a total newcomer to this so any advice is much appreciated. I have a main office with 18 users. These users are connected to a Catalyst 2900 XL switch and use it to connect to our server to access file shares and Exchange. We have two remote sites, one with 3 users and the other with 2. We also have 3 home users that connect. I want all remote usrs to be able to conncect over VPN to the server in the main office. I have purchased a 501 to firewall the main office and am wondering if it will be enough horsepower to also handle the VPN connections. I have the 50U and 3DES bundle. Is the 501 enough or do I need to upgrade and maybe place the 501 at one of the remote sites? Also, how do I go about setting up software-VPN connections? Thank you for the help.

mostiguy · ‎09-30-2003

You will be all set. With recent PIX OS (6.2+), a 501 can support 10 concurrent tunnels. You will use 2 for each of the remote sites, it sounds like - this will leave 8 possible tunnels for end users to use.

I would be shocked if 8 tunnels were not enough for your users - I have a lot more users than you, and 6 or 7 is about the most concurrent connections I have seen here.

jayson.talaga · ‎09-30-2003

Actually, I believe that the increase to 10 tunnels on the PIX501 was in the 6.3.3 release:

Increased Number of IPSec VPN Peers Supported on the PIX 501 Security Appliance

PIX Firewall Version 6.3 increases number of site-to-site and remote access VPN peers supported on the PIX 501 from 5 to 10, enabling greater VPN scalability in small office, home office (SOHO) environments.

Jayson