Multi site VPN through DSL + T1

[netjunky]

I have to start a multi site VPN connection with the main site having a t1 connection and the other sites (7) having DSL. The domain controller is at the main site. I am trying to set it up where the satellite sites connect to the main site where it authenticates and grants access to the internet and other resources. I know the satellite sites have DSL and can get out to internet but I want to prevent unauthorized access to it. I want to be able to keep this as secure & stable as possible. I was told by peers to use pix501 at satellites and the pix 506 at the main site.

Thanks in advance.

 

[ChicagoTechNet]

So, you may need to split-tunnel. This may help. quoted from

http://www.chicagotech.net

How to setup split-tunnel on Cisco PIX

To setup VPN for Cisco VPN clients on Cisco PIX, you add the following lines:
access-list split permit ip 10.1.0.0 255.255.0.0 192.168.1.0 255.255.255.0
ip local pool bigpool 192.168.1.1-192.168.1.254
vpngroup vpn3000 address-pool bigpool
vpngroup vpn3000 dns-server yourdns
vpngroup vpn3000 wins-server yourwins
vpngroup vpn3000 default-domain cisco.com
vpngroup vpn3000 split-tunnel split
vpngroup vpn3000 idle-time 1800
vpngroup vpn3000 password ********


Robert Lin, MS-MVP, MCSE & CNE
Windows, Network, Internet, VPN, Routing and How to at

http://www.ms-mvps.com