config help please

I have the following setup:
SITE 1 SITE 2
PCs -> 1548 -> 2501 (lline) (T1) <-1602R <-2950 <- PIX 515E <- PCs

I want to do away with the Leased line (ISDN I think) at site 1, which
connects to site 2, and replace it with a DSL and do a VPN site-to
site. (Site 2 also has Internet connection)

What do I need to change out equipment wise, and how easy is this to
configure. I would also like to do a roaming VPN connection to Site 2
across the net.

Thanks,
Steven Cohn

Steven

If lline = leased line then it isn't an isdn link, but more likely a T1
or fractional T1. You can setup ipsec vpn tunnels between any of the
current cisco router line and another router or pix. You can go to
cisco.com and use the IOS Feature Search to find out if the 2501
supports an fw/3des (ipsec) capable image - I doubt it. At site 2 you
could terminate the vpn on the pix....not sure why you have the pix
behind a switch..I guess the switch is for your outside machines.

You can create a vpnclient config on the 515E as well. There are plenty
of sample cfg docs for this on the cisco site.

Steven wrote:
> I have the following setup:
> SITE 1 SITE 2
> PCs -> 1548 -> 2501 (lline) (T1) <-1602R <-2950 <- PIX 515E <- PCs
>
> I want to do away with the Leased line (ISDN I think) at site 1, which
> connects to site 2, and replace it with a DSL and do a VPN site-to
> site. (Site 2 also has Internet connection)
>
> What do I need to change out equipment wise, and how easy is this to
> configure. I would also like to do a roaming VPN connection to Site 2
> across the net.
>
> Thanks,
> Steven Cohn

Bill F

Bill - Thanks, here is more info:
The lline is indeed ISDN. There is alos another 1601 at site 2 for
the Internet T1. The PIX is configured on a VLAN which puts it
between the T1 and everything else.

So when I replace teh ISDN with DSL, how do I connect to it? the 2501
is a serial interface device, so I imagine that in order to talk to
the DSL modem I will need to replace it, but with what? This site
only has 4 PCs, relatively low traffic most of the time.

Thanks again.
Steve Cohn

Bill F <> wrote in message news:<>...
> If lline = leased line then it isn't an isdn link, but more likely a T1
> or fractional T1. You can setup ipsec vpn tunnels between any of the
> current cisco router line and another router or pix. You can go to
> cisco.com and use the IOS Feature Search to find out if the 2501
> supports an fw/3des (ipsec) capable image - I doubt it. At site 2 you
> could terminate the vpn on the pix....not sure why you have the pix
> behind a switch..I guess the switch is for your outside machines.
>
> You can create a vpnclient config on the 515E as well. There are plenty
> of sample cfg docs for this on the cisco site.
>
> Steven wrote:
> > I have the following setup:
> > SITE 1 SITE 2
> > PCs -> 1548 -> 2501 (lline) (T1) <-1602R <-2950 <- PIX 515E <- PCs
> >
> > I want to do away with the Leased line (ISDN I think) at site 1, which
> > connects to site 2, and replace it with a DSL and do a VPN site-to
> > site. (Site 2 also has Internet connection)
> >
> > What do I need to change out equipment wise, and how easy is this to
> > configure. I would also like to do a roaming VPN connection to Site 2
> > across the net.
> >
> > Thanks,
> > Steven Cohn

Steven

(Steven) wrote in message news:< om>...
> Bill - Thanks, here is more info:
> The lline is indeed ISDN. There is alos another 1601 at site 2 for
> the Internet T1. The PIX is configured on a VLAN which puts it
> between the T1 and everything else.
>
> So when I replace teh ISDN with DSL, how do I connect to it? the 2501
> is a serial interface device, so I imagine that in order to talk to
> the DSL modem I will need to replace it, but with what? This site
> only has 4 PCs, relatively low traffic most of the time.
>
> Thanks again.
> Steve Cohn
>
> Bill F <> wrote in message news:<>...
> > If lline = leased line then it isn't an isdn link, but more likely a T1
> > or fractional T1. You can setup ipsec vpn tunnels between any of the
> > current cisco router line and another router or pix. You can go to
> > cisco.com and use the IOS Feature Search to find out if the 2501
> > supports an fw/3des (ipsec) capable image - I doubt it. At site 2 you
> > could terminate the vpn on the pix....not sure why you have the pix
> > behind a switch..I guess the switch is for your outside machines.
> >
> > You can create a vpnclient config on the 515E as well. There are plenty
> > of sample cfg docs for this on the cisco site.
> >
> > Steven wrote:
> > > I have the following setup:
> > > SITE 1 SITE 2
> > > PCs -> 1548 -> 2501 (lline) (T1) <-1602R <-2950 <- PIX 515E <- PCs
> > >
> > > I want to do away with the Leased line (ISDN I think) at site 1, which
> > > connects to site 2, and replace it with a DSL and do a VPN site-to
> > > site. (Site 2 also has Internet connection)
> > >
> > > What do I need to change out equipment wise, and how easy is this to
> > > configure. I would also like to do a roaming VPN connection to Site 2
> > > across the net.
> > >
> > > Thanks,
> > > Steven Cohn


Could probably do it with a Cisco 831, if the provider also provides
the DSL modem. If not, check the 837 but make sure it is compatible
with the type of DSL service you are getting. This is like the SOHO
line of Cisco routers, but for four users, it should be perfect. Get
the PLUS image and read up on Cisco Easy VPN.

Kevin Widner