Firewall Wizards mailing list archives
Re: Site to siteVPN between public ip and private ip
From: "David Swafford" <dswafford () alterhighschool org>
Date: Mon, 29 May 2006 08:41:32 -0400
Hi Mutthu, This is an interesting senerio. Please correct me if I am assuming incorrectly on any of this. From what I have read it seems that basically your office in CA has no control over the router/firewall at that location (nor do you), in addition they are probably running off of some type of dynamic pulic IP situation (it is a small or large facility?). Personally I think it is very scary to think that you are doing business and using another company's network to handle your data (besides a service provider). In this situation you are basically not able to control what is going into or out of the CA office, this includes massive virues/worms that could spread from other users in the same logical network (though maybe not from your company but from others sharing it with you). My personal suggestion would be to get a separate dedicated interent connection for your office only and not use the "provided" one. Then you can setup however you would like. If its a small office then this isn't all that much money, maybe look at getting a business class DSL line with a static IP for the firewall/router. Then you can configure VPN from endpoint to endpoint whatever firewall you might be using. If you end up getting a separate router then you could place the firewall in the DMZ at your remote office and VPN through that. Also question for you --- "We have now bought a program which is not support to run on TS, so we now have to giveup the TS and find the way to connect the CA to NYC". Do you mean Terminal Server or T1 serial leased lines? I was not sure what you menat by this. David A. Swafford Archbishop Alter High School Information Technology Team, Network Engineer A Cisco CCNA and a CompTIA Network+ and Security+ Certified Professional -----------------------------------------------------------------------------------------
ratna1504 () yahoo com >>>
We have HQ in NYC and a remote office in CA, the users in CA office in another companies's network(landloard is providing internet connection). At present our CA user's PC are getting NATed ip (10.0.10.*) from landload's network to connect to internet then they are using RDP to connect our NYC office.. We have now bought a program which is not support to run on TS, so we now have to giveup the TS and find the way to connect the CA to NYC. We now want to setup VPN. is it possible to setup VPN, if our CA pix get private ip for it's external interface? thank you for your help in Advance. Mutthu --------------------------------- Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1ยข/min. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Site to siteVPN between public ip and private ip Ratna Thurairatnam (May 28)
- Re: Site to siteVPN between public ip and private ip Ben Nagy (May 30)
- Re: Site to siteVPN between public ip and private ip Sanford Reed (May 31)
- <Possible follow-ups>
- Re: Site to siteVPN between public ip and private ip David Swafford (May 29)
- Re: Site to siteVPN between public ip and private ip Horvath, Kevin M. (May 30)