VPN Server--Central Router---Remote Router--PIX--50 LAN PCs with VPN Client

kvbabu · ‎07-02-2003

I have 50 users in my LAN with VPN Client installed.

Remote Site is connected to Central Site through INTERNET.

I have onely one Public IP available to me. I want to go for PAT (NAT) at remote site to connect to the Central Site Servers.

I want to have VPN Tunnel between client to Server.

Is this possible? If so, plz let me know how to go ahed for configuring it?

Regards

K V Babu

mostiguy · ‎07-03-2003

your best bet is to have a router or firewall at the remote site, and have it make a vpn tunnel to the central site. what do you have for a router/firewall at that site?

kvbabu · ‎07-06-2003

Thnaks for the info.

But our client requirement is to have VPN tunnel up to the client end from server. Can we do it? If so plz let me know how to do it.

According to client requirement there will be 50 VPN Tunnels to the central server one from each client. But I have only one Public Address to go through INTERNET. I am planing to go for PAT (NAT) at remote site PIX Firewall. In this scnario will the above requirement can be fulfilled or not?

Regards

K V Babu

mostiguy · ‎07-07-2003

If you are running pix os 6.3, which supports NAT-T, I think it would work. Be sure to enable the udp option on the software client, which will allow it to negotiate nat-t with the pix.

It is a ridiculous setup however. If the remote pc's vpn client breaks, gets disconnected, etc, there is no way for the PIX site to admin that pc remotely.