Dear Gents,
I have got two inquiries, and really would appreciate it if someone would
help:
1. I have a client that has already configured a RA VPN on one firewall to
get email service..etc, and I have configured another RA VPN on another
firewall (to get Softphone/CCTV) services. The problem is that only one
firewall is under my control. The client at home connects to one profile @ a
time to get the required services (either email on one hand) or (IP
Telephony/CCTV) on the other hand. Is there any workaround that I can allow
the client to get both services simultaneously knowing that I only control a
single firewall. I know this might sound insane but it is a case I am
facing.
2. A client has the requirement to connect 2 branches both running
data/voice services however he wants to keep the data independent of the
voice traffic. When thinking about IPSEC, as per my knowledge it is just a
single crypto map that can be tied to the interface which references a
single crypto ACL. Is there any workaround such as to do let us say 2 crypto
ACLs and two crypto maps..etc one referencing data-->data interesting
traffic and the other for voice? Another workaround I have thought of is on
the remote Router/Firewall using the no crypto sysopt command & defining
ACLs on the outside to define who can communicate with who, is this a valid
solution?
Your help is much appreciated!
Regards,
-- KJ Blogs and organic groups at http://www.ccie.netReceived on Wed Jun 23 2010 - 22:31:40 ART
This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 09:11:38 ART