PIX VPN and Linksys RV016

Hey all,

Kind of an annoying issue. We currently have a PIX506 at our Main Ottawa
Location. A PIX506 at a remote Oshawa Office, and a PIX501 at a remote
Cornwall Office. Both remote offices have a constant site-to-site VPN
tunnel going into the main office. We are running out of bandwidth at the
main office and cannot upgrade due to location issues. We have now
installed a SECOND DSL service and purchase a Linksys RV016 router that
enables multiple WAN ports/load balancing etc.


Can i still setup these site-to-site VPN's to the remote PIX501 and 506?
I'm not seeing as many configuration options in the Linksys rv016 to allow
this. There is site-to-site but I think i'll have to completly configure
the remote offices differently??

 

You can still have the site to site VPN's however I think you would
have to either a) configure the linksys to only route VPN traffic over
one of the ISP links or b) Maybe introduce a second PIX at your main
office and have a VPN from each device to the other sites.

I don't know the Linksys device at all, but if you were using a Cisco
Router in conjunction with Optimized Edge Routing you would achieve
this via option b:-

See figure 6. Case 2 :-

http://www.cisco.com/en/US/products...figuration_guide_chapter09186a008029cb84.html

Anyone else got any better ideas?


James

 

You can still have the site to site VPN's however I think you would
have to either a) configure the linksys to only route VPN traffic over
one of the ISP links or b) Maybe introduce a second PIX at your main
office and have a VPN from each device to the other sites.

I don't know the Linksys device at all, but if you were using a Cisco
Router in conjunction with Optimized Edge Routing you would achieve
this via option b:-

See figure 6. Case 2 :-

http://www.cisco.com/en/US/products...figuration_guide_chapter09186a008029cb84.html

Anyone else got any better ideas?


James

 

You can still have the site to site VPN's however I think you would
have to either a) configure the linksys to only route VPN traffic over
one of the ISP links or b) Maybe introduce a second PIX at your main
office and have a VPN from each device to the other sites.

I don't know the Linksys device at all, but if you were using a Cisco
Router in conjunction with Optimized Edge Routing you would achieve
this via option b:-

See figure 6. Case 2 :-

http://www.cisco.com/en/US/products...figuration_guide_chapter09186a008029cb84.html

Anyone else got any better ideas?


James

 

Thanks for the Reply James.

I think I may end up needing to keep the original PIX506 at the main office
Along with the Linksys but I would have prefered just the one. The problem
with configuring the linksys is that the VPN configurations don't seem very
flexible at all, I don't see anything about authentication through our
active directory which is how its setup now, I'm trying to avoid completly
re-configuring the PIX's at the remote offices.