| All Categories |
Primers
VPN, Firewall, Security ... |
Guides
HowTo, Choosing a VPN ... |
Reference
Articles, FAQs, Whitepapers ... |
Standards
Architectures, Protocols ... |
Downloads
VPN, Firewall, Security ... |
Products & Services
Hardware, Software, Services |
| Organizations |
Business
Market Research, Law ... |
| Forums |
News
Archive, Events, Newsletters ... |
|
|
| |
| VPN labs is an open community for researching, testing, reviewing, and discussing Virtual Private Networks. Get trusted, unbiased advice on just about everything related to VPN. For more detail check: How to use this site. VPN Labs - VIRTUAL PRIVATE NETWORKS - Free VPN Software and Virtual Private Network News. |
|
|
|
|
steiven
Member since:
2002-04-26 22:43:59 |  posted: 2002-04-26 23:04:14
VPN through ISDN-BRI
Dynamic IP
----------
I'm trying to set up a
VPN to HQ. That site have
leased line and Cisco
Concentrator 3000 with a
static IP address. I have
EICON DIVA LAN ISDN-BRI
Modem with dial-up
dynamic IP address and 5
workstation connected to
hub for internet sharing.
All workstation
installed Cisco Systems
VPN Client V.3.1 Rel and
the problem is once
secure the VPN connection
the workstation can not
ping my HQ and also
LAN.
But the other 4
workstation remain no
issue without secure the
VPN connetion.
Any
help or any other
solution can fix this
issue? I have looking
this solving quite some
time, but till now no one
reply me. | kattfish
Member since:
2002-04-23 23:23:32 |  posted: 2002-05-10 23:03:49
Possible Idea...
----------
Hello,
It sounds
like your 5 workstations
are gettnig IP's
dynamically. Or your
ISDN router is performing
NAT. In any case, you
will have to build a
tunnel that doesn't
require an IKE gate on
both "sides" this is
generally accomplished by
configuring the dynamic
side with a unique
identifier. Such as a
FQDN, email address, or
cert. The static side
simply waits for any
connection that has the
same normal IKE config
parameters, and the
remote id you built on
the other side. I know
that the Cisco5001 and
5002 do this wiht the
Cisco cient, but I don't
know if the 3000 series
can. Not too much
experience there with
that as the 3000 is more
if a site to site as
opposed to a dialup box.
NetScreen does this very
well indeed, but that
would req new hardware
and what not.
I'm
sure cisco has something
on their site about your
issue.
2cents |
|
