[c-nsp] Remote Parking Gates VPN to Campus Network with 3G

schilling schilling2006 at gmail.com
Tue Apr 13 10:09:02 EDT 2010


We have a project of connecting 30+ remote parking gates to our PCI
private network(MPLS L3VPN in our case). These parking gates will not
have direct ethernet connection, nor within our campus wireless
coverage. So we are thinking of using 3G celluar network like Verizon,
ATT etc to have network connection, then  using VPN to tunnel the
traffic from these gates to our existing PCI private network.

If we have a dedicated ASA, we could do LAN-to-LAN tunnel with either
Cisco ISR 880 3G or any Digi WAN VPN family, but we are concerned
about the provisioning and managing over 30 LAN-to-LAN tunnels. And
shared ASA will not be able to isolate the traffic to PCI private
network.

Is there any device which can do integrated VPN client and 3G? EOS
Cisco 3002 VPN hardware client could do the first requirement, but not
the second one.
3G requirement is obvious. The reason for integrated VPN client is for
easy management and traffic steering.  If we can have a VPN client on
the device to initiate a VPN connection to our Cisco VPN server, then
NAT LAN connection thru the obtained VPN address,  We just need a VPN
group for all of these parking gates. If we use Lan-to-Lan tunnel,
then the management overhead is much higher compared with VPN client.
Doing VPN client, we can use our existing VPN server to steer the
traffic thru the MPLS L3VPN for PCI client with PIX/ASA: Multiple VPN
Group Clients to use Different VLANs after Connecting to a Security
Appliance Configuration Example.

Any thought on any device with integrated VPN client and 3G? Or what
will you do with similar project?

Thanks,

Schilling


More information about the cisco-nsp mailing list