Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Keeping same IP over VPN

Reply
Thread Tools

Keeping same IP over VPN

 
 
johnny021@hotmail.com
Guest
Posts: n/a
 
      12-14-2006
We have four office locations that we need to VPN together all of them
have NS5GT Firewalls. What we want at all four location is the same LAN
IP scheme.

For eg; 10.1.2.x scheme

All locations have static WAN IP. What kind of VPN would be recommended
and if possible steps to implement them at all four locations.

Thanks

 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      12-14-2006
In article <(E-Mail Removed). com>,
<(E-Mail Removed)> wrote:
>We have four office locations that we need to VPN together all of them
>have NS5GT Firewalls. What we want at all four location is the same LAN
>IP scheme.


>For eg; 10.1.2.x scheme


>All locations have static WAN IP. What kind of VPN would be recommended
>and if possible steps to implement them at all four locations.


You posted a question involving Checkpoint firewalls to a Cisco
newsgroup, so I will answer in terms of Cisco equipment.

With Cisco PIX, ASA, FWSM, or regular Firewall Feature Set on
routers, you would not be able to do this if all of the NS5GT
are connecting to the same interface via IPSec, and if all of the
NS5GT are sending the same untranslated IP range to the Cisco
equipment. You could possibly get things to work under those
conditions if the NS5GT could connect out via PPTP to the
Cisco device: each PPTP connection would be allocated a different
point-to-point link address.

If you can get the NS5GT's to NAT the IPs as they send it over
the VPN towards the Cisco equipment, each NS5GT to a different
source address (or source net), then all of the Cisco equipment
types listed above would be able to handle the situation.

However, if you were to use the Cisco equipment as a hub to
cross-connect the traffic for the four offices, all tunneling to the
same interface, then you would you would need a relatively new IOS
version for the Cisco routers (12.4 probably, 12.3T just might have
the capability), and you would need PIX software version 7.x
(which is not available for all the PIX models currently being sold.)

Cisco has example configurations of setting up VPNs when there are
overlapping address ranges, and a few times in the past I have posted
PIX configurations for this purpose. I have not, though, posted
any hub-and-spoke configurations.

Cisco has a feature in newer router IOS versions, DMVPN,
Dynamic Multipoint VPN, which would be well suited for a spoke and
hub configuration, but it probably requires Cisco equipment at all
points.


If you are asking about cross-connecting the four NS5GT -without-
using any additional equipment, then you have asked in the wrong
newsgroup
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VOIP over VPN over TCP over WAP over 3G Theo Markettos UK VOIP 2 02-14-2008 03:27 PM
VPN site to site & Remote access VPN ( vpn client) over the same interface pasatealinux Cisco 1 12-17-2007 07:41 PM
IE bug (downloading the same image over and over) OBAFGKM_RNS@yahoo.com Javascript 5 04-17-2007 04:55 PM
DatagramSocketChannel returning same data over and over Michael Ansel Java 5 11-04-2006 02:42 AM
Web Crystal Report repite the same line over an over in the webserver Cesar Zam ASP .Net 0 11-06-2003 09:30 PM



Advertisments