Hello VPN,

I just joined this list, reviewed the last few months of messages.
Since I plan to deploy my first site to site VPN, can I get some peer
review?

Main site: T-1, fixed-ip, Cisco PIX 501 as the firewall, 192.168.20.x
subnet mask 255.255.255.0 ... All my servers are here.

RemoteSite one: Cable modem, fixed-ip, Linksys BEFVP41 VPN router,
192.168.10.x subnet mask 255.255.255.0 ... This remote site is a
learning center with a few staff members and some computers for the kids
to use.

My plan:

1. change subnet at main site to 255.255.0.0 ... But continue to use
192.168.20.x addresses for the local machines.

2. configure the PIX to allow the IPSEC to pass thru the PIX, and reach
a BEFVP41 router that is numbered 192.168.20.20 on the main network.

3. configure another BEFVP41 at the remote site to tunnel all the
traffic not destined for 192.168.10.x to the main site, where it is
caught by the BEFVP41

4. all done!

Can it be this easy! I plan to have 10 to 20 remote sites eventually...
Each one would get a different 192.168.NNN.x range.

I have a grant request in to buy better gear, Watchguard or Sonicwall,
to replace the PIX... Comments?

Thanks in advance!

--steve kneuper
Foundation communities
Info tech manager - one man shop - busy!
_______________________________________________
VPN mailing list
VPN@lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn