I will try to answer as best I can with the given info...
1 - depending on the DSL service (cablemodem?) you may need a router to get the DSL over to Ethernet for the PIX interface.
2 - You can plug the PIX directly into the 2600 router's spare ethernet, the setup to give internet access to...
You would be better off landing the IPSec tunnel on the PIX, to then give access to the internal LAN, otherwise you'll be opening up lots of holes in the PIX for access.
Either way, this will work & look pretty seamless from the clien't point of view.
Go to www.cisco.com & have a look for...
Does your client use IPSec over UDP or TCP ? Check this.
Or, check to see if your internet access can be allowed to break out locally instead of going through the corporate LAN.
Sounds like you're accessing the internet through the central site (VPN) connection, which could be controlled & denying you access.
Check your VPN client to see what networks are allowed, if it says '0.0.0.0' then you'll be using the VPN connection for internet access, not breaking out locally.
You'll probably need to enable IPSec over TCP/UDP, then set a TCP/UDP port to be used on the Central VPN device end. This port will then need to be allowed thru the Firewall as the IPSec traffic will run on it (i.e. UDP 599 ?)
Have you logged into the local machine with Domain User rights ? You'll need to.....
Try getting the VPN Client to throw up the MS-Gina before you connect in ?
You'll need a VPN client (software) or a VPN router to sit behind your Draytek DSL box to get a VPN session into your network.
Also a VPN device in the central office.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.