Re: backup solution for VPN

From: Nick Shah (nshah@xxxxxxxxxxxxxx)
Date: Wed Mar 13 2002 - 18:44:26 GMT-3

• Next message: Tshon: "Re: RIP load balancing"
• Previous message: Nick Shah: "Re: IPSec, GRE, and Transport Mode"
• Maybe in reply to: alee@xxxxxxxxx: "backup solution for VPN"
• Next in thread: Larson, Chris (Contractor): "RE: backup solution for VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
you can set up a full fledged VPDN (on dialup lines). I think with
WINNT/2K you can actually terminate sessions on the server, allow dialin
users to access the services/shared drives etc. There would be similar
options for *NIX.

in nutshell...

* users dialin to the NAS
* get auth'ed (use NT/NIX for auth.)
* tunnel is established (ip address is given to the incoming session)
* simply keep the ip address to be the same as the internal network , so the
host and server will be on the same segment

there are many ways to configure this (including satisfying the whims of the
staunchest security concious peeps)

hth
Nick
-----Original Message-----
From: alee@cccis.com <alee@cccis.com>
To: ccielab@groupstudy.com <ccielab@groupstudy.com>
Date: Thursday, 14 March 2002 5:14
Subject: backup solution for VPN

>Hi all,
>
>It may not be CCIE related question. But I think this is a good one for
>network design solution. My company has VPN provided by Nortel which
>currently has around 400 user licenses and we are looking for backup
>solution for VPN for around 16 people mainly for admins. That means, if
>our VPN gateway or T1 circuit to VPN fails, then we need sort of mechanism
>which will allow people to dial in and connected to our network remotely.
>Well, it's not only connect to our network devices, but also network
>drives. And our budget is tight for this year, so we may only spend less
>than $500 per month for the backup solution for VPN. ISDN may not be an
>option since it's too pricey for around 16 people. Someone from Cisco
>suggested get 16 Async-port module since we already have some spare 2600
>routers. But I assume, that kind of module will only allow me to dial in
>remotely and manage routers and switches, but not able to get into our
>network drives. I will appreciate it if someone can share their thoughts
>or experience. Thanks.
>
>
>
>Arthur
>CCNP, CCDP, CCIE written

• Next message: Tshon: "Re: RIP load balancing"
• Previous message: Nick Shah: "Re: IPSec, GRE, and Transport Mode"
• Maybe in reply to: alee@xxxxxxxxx: "backup solution for VPN"
• Next in thread: Larson, Chris (Contractor): "RE: backup solution for VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:03 GMT-3