Re: VPN Set up

majunior882 · ‎02-03-2005

I am wondering, is it possible to set up vpn authentication on a firewall, but have the vpn server be the router?

Make it so:

------------|--------------|-------------

backbone router Firewall

VPN Server VPN authentication

If so, how would I go about doing it?

aacole · ‎02-03-2005

No, the authentication would have to be done either locally on the VPN server which could be a router, concentrator or firewall. The alternative is to use a radius or tacacs server, the VPN server sends the authentication details to this server which either grants or denies access.

majunior882 · ‎02-03-2005

Thanks for the response.

Second question, is it possible to have both the firewall and the router act as the vpn server. I have several public ips, but only one line coming to the office?

Third question, can I bypass the router all together and have the firewall act as the vpn server, but keep the router infront of it?

aacole · ‎02-04-2005

Yes you can have a VPN server running on both devices, I dont see a problem with doing that.

As for your 3rd question, no problem with this, the router will pass any IP traffic so long as there are no filters in place denying the IPSec protocols.