[c-nsp] Remote Parking Gates VPN to Campus Network with 3G
schilling
schilling2006 at gmail.com
Tue Apr 13 10:58:23 EDT 2010
We talked about 880s, but the environmental operating rage of
nonoperating temperature -4 to 149F is not that promising give that we
are in Florida :-) and these parking gates are exposed outside and in
a mental box.
Schilling
On Tue, Apr 13, 2010 at 10:29 AM, Luan Nguyen <luan at netcraftsmen.net> wrote:
> You could use EZVPN client on those 880 ISRs if you choose to go the
> "client" way.
> From what I heard, it's hard to get ASA these day. If I am in your shoes, I
> would use dual ISR2 routers (for redundancy) such as 2911 instead of ASA and
> 880s to form a dual hub DMVPN/IPSEC cloud.
> 30 CPEs DMVPN shouldn't be a concern provisioning/managing wise.
>
>
> -----------------------------------
> Luan Nguyen
> Chesapeake NetCraftsmen, LLC.
> ---------------------------------
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of schilling
> Sent: Tuesday, April 13, 2010 10:09 AM
> To: cisco-nsp
> Subject: [c-nsp] Remote Parking Gates VPN to Campus Network with 3G
>
> We have a project of connecting 30+ remote parking gates to our PCI
> private network(MPLS L3VPN in our case). These parking gates will not
> have direct ethernet connection, nor within our campus wireless
> coverage. So we are thinking of using 3G celluar network like Verizon,
> ATT etc to have network connection, then using VPN to tunnel the
> traffic from these gates to our existing PCI private network.
>
> If we have a dedicated ASA, we could do LAN-to-LAN tunnel with either
> Cisco ISR 880 3G or any Digi WAN VPN family, but we are concerned
> about the provisioning and managing over 30 LAN-to-LAN tunnels. And
> shared ASA will not be able to isolate the traffic to PCI private
> network.
>
> Is there any device which can do integrated VPN client and 3G? EOS
> Cisco 3002 VPN hardware client could do the first requirement, but not
> the second one.
> 3G requirement is obvious. The reason for integrated VPN client is for
> easy management and traffic steering. If we can have a VPN client on
> the device to initiate a VPN connection to our Cisco VPN server, then
> NAT LAN connection thru the obtained VPN address, We just need a VPN
> group for all of these parking gates. If we use Lan-to-Lan tunnel,
> then the management overhead is much higher compared with VPN client.
> Doing VPN client, we can use our existing VPN server to steer the
> traffic thru the MPLS L3VPN for PCI client with PIX/ASA: Multiple VPN
> Group Clients to use Different VLANs after Connecting to a Security
> Appliance Configuration Example.
>
> Any thought on any device with integrated VPN client and 3G? Or what
> will you do with similar project?
>
> Thanks,
>
> Schilling
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5024 (20100413) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
>
More information about the cisco-nsp
mailing list