Cisco VPN Client W/ Windows 2K VPN Server or RRAS

[jamesch]

Going to propose a solution that our employees are and have been asking for, the concept of accessing files from our network, at a remote location such as a hotel, to our network.

We have a mixed environment, Novell Netware, and MS 2K and 2003 server, Also ISA 2000/04. We have Cisco PIX 515, with 2610 router.

Q: Can we use the Cisco VPN Client, in conjunction with MS VPN client through/or RRAS. We want maximum security, as my boss seems not ready for this technology, but I feel with the right setup and security, and the employees asking for it, we should be ready to implement.
Any recommendations?

Thanks, James

 

[Supergrrover]

Use the Cisco vpn client to the pix and have it do AAA to a radius server. That is about as secure as you can get. With the pix you can assign ACLs to restrict traffic to specific servers for specific groups of users. I recommend disabling split tunneling (not so much for viruses but for trojans and remote control programs.) After that, just make sure you have your servers locked down.

Make sure you have an IT policy in place and signed stating among other things that all computers/users allowed remote access will have proper anti-virus, firewalls, etc.



Brent
Systems Engineer / Consultant
CCNP, CCSP