Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   Site-to-site VPN Cisco 1811 - wireless (http://www.velocityreviews.com/forums/t707417-site-to-site-vpn-cisco-1811-wireless.html)

Robert Jacobs 12-02-2009 08:08 PM

Site-to-site VPN Cisco 1811 - wireless
 
Thank you in advance for your help, experts.

I have a family friend that owns a small company with 2 locations (10
pcs on one end, and 5 on the other). They have static IP addresses -
their internet connection is a Wireless connection (DSL and Cable not
available).

He would like to setup some way for the PCs at both locations to be
able to talk to each other. I am thinking about purchasing 2 x Cisco
1811 routers, connecting them to the ethernet connection provided by
the wireless devices located at each location, and setting up a site-
to-site VPN connection using these devices.

First of all, does this sound like something that's workable/doable?
Second, if it is doable, does anybody know these routers well enough
to tell me if it is something that I should be able to do within the
SDM (GUI), or if there will be a lot of command line configuration
required. And, finally, can anybody give me the steps I would have to
perform to get this to work properly - or a website I can go to that
will give me a step-by-step procedure to complete this task with these
routers.

We don't have a ton of money, just enough for the equipment, and want
to make sure it's something that will even be possible if the
equipment is purchased in this scenario - before delving head first
into it. And if it is possible, we want to make sure it's something
that we'll be able to actually do ourselves - hence the step-by-step
procedures requested.

I am very tech savy, and actually had my CCNA quite a few years ago,
so I know my way around most routers (for the most part). However,
things have changed, and I want to make sure I can handle this before
commiting to him.

Thanks a bunch, experts - you're my saving grace...

Robert Jacobs 12-02-2009 09:01 PM

Re: Site-to-site VPN Cisco 1811 - wireless
 
On Dec 2, 2:47*pm, Aaron Leonard <Aa...@Cisco.COM> wrote:
> ~ Thank you in advance for your help, experts.
> ~
> ~ I have a family friend that owns a small company with 2 locations (10
> ~ pcs on one end, and 5 on the other). *They have static IP addresses -
> ~ their internet connection is a Wireless connection (DSL and Cable not
> ~ available).
> ~
> ~ He would like to setup some way for the PCs at both locations to be
> ~ able to talk to each other. *I am thinking about purchasing 2 x Cisco
> ~ 1811 routers, connecting them to the ethernet connection provided by
> ~ the wireless devices located at each location, and setting up a site-
> ~ to-site VPN connection using these devices.
> ~
> ~ First of all, does this sound like something that's workable/doable?
> ~ Second, if it is doable, does anybody know these routers well enough
> ~ to tell me if it is something that I should be able to do within the
> ~ SDM (GUI), or if there will be a lot of command line configuration
> ~ required. *And, finally, can anybody give me the steps I would have to
> ~ perform to get this to work properly - or a website I can go to that
> ~ will give me a step-by-step procedure to complete this task with these
> ~ routers.
> ~
> ~ We don't have a ton of money, just enough for the equipment, and want
> ~ to make sure it's something that will even be possible if the
> ~ equipment is purchased in this scenario - before delving head first
> ~ into it. *And if it is possible, we want to make sure it's something
> ~ that we'll be able to actually do ourselves - hence the step-by-step
> ~ procedures requested.
> ~
> ~ I am very tech savy, and actually had my CCNA quite a few years ago,
> ~ so I know my way around most routers (for the most part). *However,
> ~ things have changed, and I want to make sure I can handle this before
> ~ commiting to him.
> ~
> ~ Thanks a bunch, experts - you're my saving grace...
>
> What kind of wireless are you talking about? *3G (CDMA/GSM)?
>
> That would be doable with a pair of pair of 3G-equipped 881s (or, more
> expensively, with higher end routers with 3G HWICs - but not the 1811,
> which doesn't have 3G.)http://www.cisco.com/en/US/prod/coll...0/ps10082/data...
>
> Set up the 3G cellular interface on each router to access your provider.
> Then configure the IPsec tunnel between the sites. *Should work fine.
>
> I don't know whether or not SDM can configure the whole shebang. *In any
> case, the routers should come with tech support to help you get it
> set up.
>
> Cheers,
>
> Aaron


Aaron, thanks. It's a wireless provider, not a cellular (3g)
provider. It is basically radio waves that come into the building
through a wireless receiver - and they basically give us an ethernet
port. It's practially the same thing as DSL/Cable - except it's
wireless... No cell phone cards or anything like that.

I would also like to know how to "Then configure the IPsec tunnel
between the sites. Should work fine.". That's the part I'm not sure
on, and wondering if there's maybe a step-by-step procedure? Thanks
again.

Rob 12-03-2009 09:41 AM

Re: Site-to-site VPN Cisco 1811 - wireless
 
Robert Jacobs <robertjacobsit@gmail.com> wrote:
> Aaron, thanks. It's a wireless provider, not a cellular (3g)
> provider. It is basically radio waves that come into the building
> through a wireless receiver - and they basically give us an ethernet
> port. It's practially the same thing as DSL/Cable - except it's
> wireless... No cell phone cards or anything like that.


Do they provide you with a single ethernet port where you can connect
only a single PC without providing your own router, or does the device
have multiple ports and/or you could connect your own switch and have
many pcs access the internet without further hardware and/or software?

I ask this because it is very likely that the box you got from the
provider already is a router and provides NAT functionality to translate
many internal PC addresses to a single external address.

It will be more difficult to connect another router to such a device
and then setup IPsec tunnels.

> I would also like to know how to "Then configure the IPsec tunnel
> between the sites. Should work fine.". That's the part I'm not sure
> on, and wondering if there's maybe a step-by-step procedure? Thanks
> again.


If you need to ask this, it might be better to ask a supplier to
configure everything for you, or to go with another manufacturer who
is more oriented towards do-it-yourself installation of their equipment
without too much expertise.

Robert Jacobs 12-03-2009 01:49 PM

Re: Site-to-site VPN Cisco 1811 - wireless
 
On Dec 3, 3:41*am, Rob <nom...@example.com> wrote:
> Robert Jacobs <robertjacob...@gmail.com> wrote:
> > Aaron, thanks. *It's a wireless provider, not a cellular (3g)
> > provider. *It is basically radio waves that come into the building
> > through a wireless receiver - and they basically give us an ethernet
> > port. *It's practially the same thing as DSL/Cable - except it's
> > wireless... *No cell phone cards or anything like that.

>
> Do they provide you with a single ethernet port where you can connect
> only a single PC without providing your own router, or does the device
> have multiple ports and/or you could connect your own switch and have
> many pcs access the internet without further hardware and/or software?
>
> I ask this because it is very likely that the box you got from the
> provider already is a router and provides NAT functionality to translate
> many internal PC addresses to a single external address.
>
> It will be more difficult to connect another router to such a device
> and then setup IPsec tunnels.
>
> > I would also like to know how to "Then configure the IPsec tunnel
> > between the sites. *Should work fine.". *That's the part I'm not sure
> > on, and wondering if there's maybe a step-by-step procedure? *Thanks
> > again.

>
> If you need to ask this, it might be better to ask a supplier to
> configure everything for you, or to go with another manufacturer who
> is more oriented towards do-it-yourself installation of their equipment
> without too much expertise.


-Do they provide you with a single ethernet port where you can connect
-only a single PC without providing your own router, or does the
device
-have multiple ports and/or you could connect your own switch and have
-many pcs access the internet without further hardware and/or
software?

That's a good question - I'm not really sure. I would assume it's
just a modem type device, but you know what they say about assuming.

As far as asking for a step-by-step procedure, it's not that I don't
think I would be able to figure it out myself, it's that I'd like to
see an example of performing this operation, so I can see what the SDM
looks like for this procedure. I currently maintain 3 x Cisco 2800
series routers for the company I work for, and have setup one site-to-
site vpn, however, it was done in a completely different environment,
and it's an older version of the SDM. I just want to see what the
steps look like using this particular router/SDM.

Claudio Schnell da Silva 12-03-2009 07:12 PM

Re: Site-to-site VPN Cisco 1811 - wireless
 
Robert Jacobs schrieb:
> Thank you in advance for your help, experts.
>
> I have a family friend that owns a small company with 2 locations (10
> pcs on one end, and 5 on the other). They have static IP addresses -
> their internet connection is a Wireless connection (DSL and Cable not
> available).
>
> He would like to setup some way for the PCs at both locations to be
> able to talk to each other. I am thinking about purchasing 2 x Cisco
> 1811 routers....


Hello Robert,

if you have not yet purchased the hardware - did you consider to set up
the whole thing with a little ASA5505 instead of the 1811 at each end?
It comes with a SSL webfrontend and a wizard within for setting up the
ipsec site to site.
Costs for the 2 ASAs should be less, too, I think.

Regards,
Claudio

Techno_Guy 12-03-2009 08:16 PM

Re: Site-to-site VPN Cisco 1811 - wireless
 
On Dec 3, 2:12*pm, Claudio Schnell da Silva <cschnelldasi...@gmx.net>
wrote:
> Robert Jacobs schrieb:
>
> > Thank you in advance for your help, experts.

>
> > I have a family friend that owns a small company with 2 locations (10
> > pcs on one end, and 5 on the other). *They have static IP addresses -
> > their internet connection is a Wireless connection (DSL and Cable not
> > available).

>
> > He would like to setup some way for the PCs at both locations to be
> > able to talk to each other. *I am thinking about purchasing 2 x Cisco
> > 1811 routers....

>
> Hello Robert,
>
> if you have not yet purchased the hardware - did you consider to set up
> the whole thing with a little ASA5505 instead of the 1811 at each end?
> It comes with a SSL webfrontend and a wizard within for setting up the
> ipsec site to site.
> Costs for the 2 ASAs should be less, too, I think.
>
> Regards,
> Claudio


before you do anything, I would suggest you should call the internet
provider to make sure they do not block ipsec. I have seen some
wireless providers that do.


All times are GMT. The time now is 12:25 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.