Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need advise

Status
Not open for further replies.
Nov 1, 2005
9
US
Hello all,
I have an interesting situation that I need a little advise for. I have a network of 45 users that belong to a domain. I also have aproximately 45 remote users. We are currently using a 5meg cable connection to supply our internet and will have a Cisco PIX515 as a firewall. I will have the PIX handle the VPN connections. I would then like to set each remote machine up to vpn at bootup. This way each machine will be able to access our databases and their web serffing can be controlled by our WebSense server.

The question that I have for everyone is when a remote PC that is VPN tunnelled into us goes to surf the web will this tax my 5meg connection or the connection of the remote machine? My concern is that we do have a polycom here on location that does get used quit often, and I don't want to strain the network if that plus 45 additional nodes are on the network.

Thanks in advance!!
 
Hi

Any VPN network that are login(at windows startup) on a remote server use the bandwidth of the office connecting.

And if you use the VPN connection to share internet also, this will increase the internet bandwidth of your office. And a 5mb cable connecting is too small for 45 local users, and 45 VPN/internet remote users

But otherwise, if you connect to a VPN server, and leave the local internet (enable the gateway on connection), this is not a good idea. Because security reason.

Hope this helps.

Stone
 
I guess what you want is split-tunneling which only sends data through the VPN tunnel that is needed. For web browsing it uses the local Internet connection. There's one danger of this, if your computer is infected by some sort of spyware, then someone can piggy-back from the Internet through the VPN and into the network.

I agree with StoneEdge that a 5mb is a bit small for the number of users you have but that all depends if if all 45 remote users are online at once. In that case, your upload bandwidth might be saturated. Also if your 45 local users browse the net or send emails often, that can cause a slow down also.
 
I don't know if 5mb is enough or not; I once had an office with 200 users on a T1. Depends on the usage, so check what the bandwidth utilization is for the existing 45 users.

Remember that the Pix with FOS 6.x doesn't support what you want. I've read the ver 7 does, but haven't seen that version yet.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top