- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Question about branch office
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-18-2007 03:29 PM
тАО04-18-2007 03:29 PM
Question about branch office
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-18-2007 07:03 PM
тАО04-18-2007 07:03 PM
Re: Question about branch office
If it will be an ADSL/Broadband connection i would set the branch office up as a seperate subent and use th ASA to route between the two. That way, only traffic that needs to go to the main site will be sent over the VPN.
I set something very similar up using a Cisco PIX 515 to terminate the VPNs and Cisco 800 series ADSL routers at the remote sites, i then had HP2524's to connect the extra devices at the remote sites.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-19-2007 02:36 AM
тАО04-19-2007 02:36 AM
Re: Question about branch office
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-19-2007 05:08 AM
тАО04-19-2007 05:08 AM
Re: Question about branch office
in terms of AD and file sharing, there will be no problem logging on from the remote office, the idea is that for the users it would seem as if they are logging on normally.
You would need to use a seperate router to terminate the VPN to the ASA device, you could then configure the router to be in a seperate subnet to your main network and make sure that all traffic destined for the AD etc. is encapsulated and sent down the VPN tunnel.
It would probably be simplest to use the ASA to toute between the 2 subnets, using a static route.
I can;t see a way of getting the 2600 switches to do all of the routing, as you will need a router in the middle somewhere to establish the VPN tunnel...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-19-2007 05:57 AM
тАО04-19-2007 05:57 AM
Re: Question about branch office
Then add a router at the remote office and create static routes to send traffic from remote office to main office. and then could use the 2626's for a vlan?
Thanks...sorry for the newbie questions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-20-2007 04:49 PM
тАО04-20-2007 04:49 PM
Re: Question about branch office
Terminating the VPN tunnel in your case means, creating a Site-to-Site VPN tunnel.
In your case, and if you have the VPN software on the ASA5505, i would do all the VPN job there, so i can create the correct policies, and define the sire to site VPN and define static routes or policy based ones on the ASA to send specific traffic to the Head office.
And of course on the branch office's router you need to forward any VPN session to the ASA to be terminated.
In most cases, when you have a Firewall/VPN capable device, use it for terminating VPN sessions, and leave the WAN router doing other things unless you need to do it on the router for some reason like compatibility issues.....
Good Luck !!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2007 09:02 AM
тАО04-23-2007 09:02 AM
Re: Question about branch office
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2007 07:46 PM
тАО04-23-2007 07:46 PM
Re: Question about branch office
I would make them different VLANs purely from an admin point of view.
Even though the switches at each site will not be aware of each others VLANs, it makes it easier to reference each site as a seperate VLAN. (If this makes sense!!!)
It is not neceesary to make them seperate VLANS however, the setup will work quite happily if you leave all the hosts in the default VLAN.
Cheers
Jonboy