dslreports logo
site
spacer

spacer
 
    All FAQs Site FAQ DSL FAQ Cable Tech About DSL Distance DSL Hurdles »»
spc

spacer




how-to block ads



Remote VPN to Office Network Using Various VPN connection technology

1. Office Network behind Cisco Router

Configure VPN on a router to support Microsoft VPN Client
Configuring Cisco Router and VPN Clients Using PPTP and MPPE
»Cisco Forum FAQ »Configure router as both Internet router and VPN Concentrator

2. Office Network behind ASA/PIX Firewall
Configuring the PIX Firewall and VPN Clients Using PPTP, MPPE and IPSec
Configuring L2TP Over IPSec Between PIX Firewall and Windows 2000 PC Using Certificates
L2TP Over IPsec Between Windows 2000/XP PC and PIX/ASA 7.2 Using Pre-shared Key Configuration Example

Note on ASA/PIX Firewall:
To keep the office network of having uninterrupted Internet connection while establishing IPSec tunnel coming in from remote users, you want to keep the "isakmp nat-traversal" command. You may need to increase the value from 20 to 30 secs (or to any value other than default) to make the regular web traffic passing while remote user VPN in.

To keep the Internet access for the remote users while IPSec VPN into the Office Network, you need to use the "vpngroup split-tunnel" command. On this command, you need to associate it with the access list that control the encrypted traffic. In other word, you may use the same access list that is used in the "nat 0 (inside)" command.

Here is the command reference list for details

ISAKMP
http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/gl.html#wp1027312

VPNGROUP
http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/tz.html#wp1099471

IPSec Remote VPN to Office Network While Maintain Internet Connection

Office Network behind Cisco router
Router Allows VPN Clients to Connect IPsec and Internet Using Split Tunneling Configuration Example
»Cisco Forum FAQ »Configure router as both Internet router and VPN Concentrator

Office Network behind PIX/ASA

1. Running 6.X image version
»Cisco Forum FAQ »Configure PIX/ASA as both Internet Firewall and VPN Concentrator
PIX-to-PIX 6.x: Easy VPN (NEM) Configuration Example

2. Running 7.X image version
»Cisco Forum FAQ »Configure PIX/ASA as both Internet Firewall and VPN Concentrator
ASA/PIX: Allow Split Tunneling for VPN Clients on the ASA Configuration Example

Discussions
»[HELP] Encryption / Key Management limits of Cisco VPN Client

Expand got feedback?

by aryoba See Profile
last modified: 2013-08-19 16:14:05