From: 1cmpecho (1cmpecho@hotpop.com)
Date: Tue Jan 13 2004 - 22:08:51 GMT-3
you _could_ push the vpn device back inside a little and have it forwarding
to the 2 internet devices
/cablemodem
pc's -----vpn device----tunnel--------------------------------------vpn headend
\dsl
if the tunnel is established behind the isp's - then it could maintain the
session theoretically :)
At 07:41 PM 1/13/2004 -0500, Todd Veillette wrote:
>Linksys also has one that just came out that does stateful, dhcp, 8 port
>10/100, etc, etc, and supports 50 IPSEC tunnels.
>
>-TV
>
>----- Original Message -----
>From: "Ertai Wizard" <ertai_wizard@hotmail.com>
>To: <ccielab@groupstudy.com>
>Sent: Tuesday, January 13, 2004 6:47 PM
>Subject: FW: OT:Fault tolerant CEO's home network setup.
>
>
> > Try
> >
> > Hawking FR24 Dual WAN Broadband Router - US $65.00 retail
> > Xincom Twin WAN Router (XC-DPG402) - US $200.00 retail
> > Symantec Firewall/VPN200 (a.k.a. Nexland pro800Turbo) - US $900.00
> > retail
> > etc...
> >
> > In these routers, they provide NAT (or Stateful inspection in Symantec
>kit),
> > DHCP Client IP addressing, Static Addressing, and DHCP server
>functionality.
> >
> > They provide fault tolerance; and to a limited degree, load balancing
>across
> > both WAN connections.
> >
> > Anyway, ask the customer does he watch the Red Green show? Does he need
> > duct tape? Eh? I hear you can duct tape two DSL/Cable modem routers and
> > create a new fangled contraption that might work.
> >
> > :-)
> >
> >
> >
> >
> > >From: "Andrew Moriarty" <amgroupstudy@hotmail.com>
> > >Reply-To: "Andrew Moriarty" <amgroupstudy@hotmail.com>
> > >To: ccielab@groupstudy.com
> > >Subject: OT:Fault tolerant CEO's home network setup.
> > >Date: Wed, 07 Jan 2004 00:53:20 -0500
> > >
> > >Ever have the feeling that you are missing something incredibly basic
>that
> > >will make you look stupid later? I do right now, and I hope someone can
> > >help.
> > >
> > >The scenario: The customers CEO often works from home. He accesess
>company
> > >servers in california, and he lives in Canada. Because of where he
>lives,
> > >all he can get at his house is a relatively basic DSL from one provider,
> > >and a basic cable modem setup from another. Both of these are "Home user"
> > >type setups, with addresess assigned by DHCP. The DSL provider is
> > >frequently down for a day or more. Problem is, thats the high speed
> > >connection! The cable in this area is much slower, and not much more
> > >reliable. (Don't ask me to explain why this so- it just is!- and before
> > >anyone makes any canada jokes, yes he can get a canoe at the local
> > >supermarket, all the TV netoworks carry hockey, and yes, there are wild
>elk
> > >running around in the parking lot)
> > >
> > >The CEO has a relatively robust home network- a unix based firewall, and
>a
> > >half dozen computers behind it.
> > >
> > >His goal is to have seemless fail-over, for as cheap as possilbe. He
>wants
> > >to be connected in to a contact management system all day long, and not
> > >worry about which ISP is up or down. In other words, he might buy a
>router
> > >or two, but he won't upgrade his personal "Home" service to a business
> > >class service. (its not available in that area anyways)
> > >
> > >Each ISP provides him with a public IP address. Right now he only uses
>one
> > >of them, and uses NAT on his unix firewall to provide internet access for
> > >his six machines. He wants to add the second ISP to the configuration, to
> > >povide fault tolerance.
> > >
> > >I've suggested buying a router and connecting it to both ISP's, and using
> > >one interface as the primary and one as the backup, with static routes
>and
> > >NAT.Cheap, simple solution. Problem is, if one ISP fails, there goes his
> > >public address that the NAT is using, and he'll have to log out of his
> > >contact managment software, and restart his session, potentially loosing
> > >data. He does NOT want to do that. Its no good flipping over to the
>second
> > >ISP/NAT connection, because then his public address will change, and his
> > >session will be invalid and have to start again.
> > >
> > >He doesn't have any public ip addresses inside his house, can't get any
> > >either with the services on offer in that area. He's not going to do
> > >anything complex like run BGP etc. The ISP's won't let him anyways.
> > >
> > >I'm not sure I can solve his problem, but I've got a tickle in the back
>of
> > >my mind about something, thinkingI saw this somewhere before. I even got
> > >out my Halabi and Doyle books and re-read some stuff.
> > >
> > >Does anyone have any suggestions on what to do here? Or even something to
> > >research.....
> > >
> > >am
> > >
> > >_________________________________________________________________
> > >The new MSN 8: smart spam protection and 2 months FREE*
> > >http://join.msn.com/?page=features/junkmail
> >
> >http://join.msn.com/?page=dept/bcomm&pgmarket=en-ca&RU=http%3a%2f%2fjoin.ms
>n.com%2f%3fpage%3dmisc%2fspecialoffers%26pgmarket%3den-ca
> > >
> > >_______________________________________________________________________
> > >Please help support GroupStudy by purchasing your study materials from:
> > >http://shop.groupstudy.com
> > >
> > >Subscription information may be found at:
> > >http://www.groupstudy.com/list/CCIELab.html
> >
> > _________________________________________________________________
> > Rethink your business approach for the new year with the helpful tips
>here.
> > http://special.msn.com/bcentral/prep04.armx
> >
> > _______________________________________________________________________
> > Please help support GroupStudy by purchasing your study materials from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:44 GMT-3