Security Basics mailing list archives
RE: VPN overkill?
From: "Keith Bucknall" <keith.bucknall () zen co uk>
Date: Wed, 17 Nov 2004 07:52:53 -0000
Ted Hi here, I would like to add my views on this as I am responsible for over 45 VPN connections from our remote offices into a central office. Before I joined my boss had a very basic setup with ADSL (cheap) routers, client side VPN DUN and a windows 2000 server as the concentrator. We have slowly moving forward with cisco 837 routers, site to site VPN's where the clients can be part of the interal IP schema. In researching this I proposed the following, a 505 Concentrator in the main office with a separate 2MB line (due to the number of offices with have), with either a small Pix or 837 in the remote locations. Now I know that if you already have a Pix the 515e can support up to 100 connections but I am told if you terminate more than 50 then performance can be an issue. Hope this helps Keith -----Original Message----- From: Ted A [mailto:arcturous () hotmail com] Sent: 16 November 2004 22:17 To: security-basics () securityfocus com Subject: VPN overkill? All, First off, good fun reading this list. Some really great advice and good thinkers on here. Thanks for the great questions and great answers. So here's my issue. I have an IT infrastructure manager who has raised a requirement I find myself questioning. We have a goal of connecting a remote office to a central office via a VPN. This manager insists that only acceptable way to accomplish this is by connecting 2 VPN concentrators. I debate this, noting that a PIX should be more than capable of handling this connection at the remote office and the only place the concentrator is needed is at the central office. Am I completely off my rocker, thinking that a second concentrator for a single connection is a little overboard? Thoughts? Thanks, Ted
Attachment:
smime.p7s
Description:
Current thread:
- VPN overkill? Ted A (Nov 16)
- RE: VPN overkill? Tom Milliner (Nov 17)
- RE: VPN overkill? David Gillett (Nov 17)
- RE: VPN overkill? Ted A (Nov 18)
- RE: VPN overkill? Keith Bucknall (Nov 17)
- Re: VPN overkill? Jamie Schmidt (Nov 17)
- Re: VPN overkill? Gautam R. Singh (Nov 18)
- <Possible follow-ups>
- RE: VPN overkill? Thomas F. Szabo (Nov 17)
- RE: VPN overkill? Jim McBurnett (Nov 17)
- RE: VPN overkill? Ted A (Nov 17)
- RE: VPN overkill? Thomas F. Szabo (Nov 17)
- RE: VPN overkill? Gary Freeman (Nov 17)
- RE: VPN overkill? d'Ambly, Jeff (Nov 17)
- RE: VPN overkill? Jeff Gercken (Nov 17)
- RE: VPN overkill? Gary Freeman (Nov 17)
(Thread continues...)