IPSec VPN and adsl routers

Discussion in 'Cisco' started by jas0n, Oct 31, 2006.

  1. jas0n

    jas0n Guest

    We use XP SP2 clients with Cisco vpn client software v4.01.

    Remote sites are usally setup with a Cisco 837 adsl router, either setup
    with box-box vpn to head office or as a standard nat'd router if it is
    shared with others not from our company. When setup as nat'd router the
    remote users each use the vpn client software to connect back to head
    office.

    We are starting to have a lot of small 1-3 man remote sites wich are
    temporary in nature and dont warrant the cost/setup of an 837.

    The problem we are finding is with basic routers not supporting more
    than 1 vpn client connection back to head office - as far as I can find
    out the 837's allow upto 10 concurrent vpn sessions.

    I am trying to understand the marketing babble to find the cheaper basic
    routers that will support more of these type of vpn's.

    So, using a cisco client software connection which is setup for ipsec
    over udp what is the correct terminology when looking for a router that
    supports multiple concurrent sessions of this type?

    I am looking for something that supports approx 5-8 which would cover
    most, if not all of these smaller sites.
     
    jas0n, Oct 31, 2006
    #1
    1. Advertising

  2. jas0n

    Uli Link Guest

    jas0n schrieb:
    > We use XP SP2 clients with Cisco vpn client software v4.01.
    >
    > Remote sites are usally setup with a Cisco 837 adsl router, either setup
    > with box-box vpn to head office or as a standard nat'd router if it is
    > shared with others not from our company. When setup as nat'd router the
    > remote users each use the vpn client software to connect back to head
    > office.
    >
    > We are starting to have a lot of small 1-3 man remote sites wich are
    > temporary in nature and dont warrant the cost/setup of an 837.
    >
    > The problem we are finding is with basic routers not supporting more
    > than 1 vpn client connection back to head office - as far as I can find
    > out the 837's allow upto 10 concurrent vpn sessions.
    >
    > I am trying to understand the marketing babble to find the cheaper basic
    > routers that will support more of these type of vpn's.
    >
    > So, using a cisco client software connection which is setup for ipsec
    > over udp what is the correct terminology when looking for a router that
    > supports multiple concurrent sessions of this type?
    >
    > I am looking for something that supports approx 5-8 which would cover
    > most, if not all of these smaller sites.
    >


    If the IPsec is done by the clients instead of the router you can use a
    Soho97 instead of the 837. The main difference is the lack of 3DES
    hardware encryption, you don't need, if encryption is done client-side.

    --
    Uli
     
    Uli Link, Nov 1, 2006
    #2
    1. Advertising

  3. jas0n

    stephen Guest

    "Uli Link" <> wrote in message
    news:45489bc3$0$30316$-online.net...
    > jas0n schrieb:
    > > We use XP SP2 clients with Cisco vpn client software v4.01.
    > >
    > > Remote sites are usally setup with a Cisco 837 adsl router, either setup
    > > with box-box vpn to head office or as a standard nat'd router if it is
    > > shared with others not from our company. When setup as nat'd router the
    > > remote users each use the vpn client software to connect back to head
    > > office.
    > >
    > > We are starting to have a lot of small 1-3 man remote sites wich are
    > > temporary in nature and dont warrant the cost/setup of an 837.
    > >
    > > The problem we are finding is with basic routers not supporting more
    > > than 1 vpn client connection back to head office - as far as I can find
    > > out the 837's allow upto 10 concurrent vpn sessions.


    Try using TCP encap on the VPN link (only done this on VPN 3ks, so may not
    be directly applicable).

    each translation on the NAT router should be kept separate as they are
    different TCP links.

    only drawback is that if perf really drops off for a user, it doesnt recover
    very quickly.
    > >
    > > I am trying to understand the marketing babble to find the cheaper basic
    > > routers that will support more of these type of vpn's.
    > >
    > > So, using a cisco client software connection which is setup for ipsec
    > > over udp what is the correct terminology when looking for a router that
    > > supports multiple concurrent sessions of this type?


    "Cisco" ? :)
    > >
    > > I am looking for something that supports approx 5-8 which would cover
    > > most, if not all of these smaller sites.
    > >

    >
    > If the IPsec is done by the clients instead of the router you can use a
    > Soho97 instead of the 837. The main difference is the lack of 3DES
    > hardware encryption, you don't need, if encryption is done client-side.
    >
    > --
    > Uli

    --
    Regards

    - replace xyz with ntl
     
    stephen, Nov 1, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jason
    Replies:
    5
    Views:
    8,298
    Jason
    Nov 8, 2003
  2. Ali
    Replies:
    2
    Views:
    1,025
    chris
    Nov 5, 2003
  3. jmark
    Replies:
    0
    Views:
    488
    jmark
    Apr 27, 2004
  4. mw
    Replies:
    2
    Views:
    3,285
  5. -pau.fr
    Replies:
    0
    Views:
    718
    -pau.fr
    Oct 29, 2006
Loading...

Share This Page