[c-nsp] Remote Parking Gates VPN to Campus Network with 3G

Bøvre Jon Harald Jon.Harald.Bovre at hafslund.no
Tue Apr 13 10:41:03 EDT 2010


Built something similar using DMVPN

ISR 881 connected to DMVPN HUB at C7206-G2
But a smaller ISR as DMVPN HUB should be fine


Jon Harald Bøvre

________________________________________
Fra: cisco-nsp-bounces at puck.nether.net [cisco-nsp-bounces at puck.nether.net] på vegne av schilling [schilling2006 at gmail.com]
Sendt: 13. april 2010 16:09
Til: cisco-nsp
Emne: [c-nsp] Remote Parking Gates VPN to Campus Network with 3G

We have a project of connecting 30+ remote parking gates to our PCI
private network(MPLS L3VPN in our case). These parking gates will not
have direct ethernet connection, nor within our campus wireless
coverage. So we are thinking of using 3G celluar network like Verizon,
ATT etc to have network connection, then  using VPN to tunnel the
traffic from these gates to our existing PCI private network.

If we have a dedicated ASA, we could do LAN-to-LAN tunnel with either
Cisco ISR 880 3G or any Digi WAN VPN family, but we are concerned
about the provisioning and managing over 30 LAN-to-LAN tunnels. And
shared ASA will not be able to isolate the traffic to PCI private
network.

Is there any device which can do integrated VPN client and 3G? EOS
Cisco 3002 VPN hardware client could do the first requirement, but not
the second one.
3G requirement is obvious. The reason for integrated VPN client is for
easy management and traffic steering.  If we can have a VPN client on
the device to initiate a VPN connection to our Cisco VPN server, then
NAT LAN connection thru the obtained VPN address,  We just need a VPN
group for all of these parking gates. If we use Lan-to-Lan tunnel,
then the management overhead is much higher compared with VPN client.
Doing VPN client, we can use our existing VPN server to steer the
traffic thru the MPLS L3VPN for PCI client with PIX/ASA: Multiple VPN
Group Clients to use Different VLANs after Connecting to a Security
Appliance Configuration Example.

Any thought on any device with integrated VPN client and 3G? Or what
will you do with similar project?

Thanks,

Schilling
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list