Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX VPN Tunnel over ISP ISDN Dialup

Status
Not open for further replies.
dm318

dm318

MIS
Aug 4, 2002
35
SG
Hi Folks,

Need your input again as I'm still quite new in this field. A picture speaks a thousand words. Can the following setup work??

Client-->PIX-->Cat261x-->ISDN Link~~~>INTERNET<~~~LLC<---PIX
<=============VPN Tunnel=============>

Will the VPN tunnel hold up by the frequent up/downs since the connection is dial-on-demand? Anyone tried something like that? Reliability issues? Thx a Million!
 
Sort by date Sort by votes
hi
i guess the cat261 is a router and not a switch ... anyway
the pix see the all the devices like an IP cloud , it doesnt know if there is an ISDN link, E1, ATM or whatever.
since ISDN is a dial line it probably have an idle-timer so if u want the tunnel to be &quot;up&quot; enytime, consider using some routing protocol (like RIP/IGRP) just to hold the line active.
if the isdn goes down , the tunnel goes down, and when the router will see &quot;interesting traffic&quot; ( traffic that should reset the idle timer and need to open the line if its down ) it will bring up the isdn again and when u try to open a connection to the remote LAN the vpn tunnel will go up .....

this should work , i dont c any problem
hope i help u
bye
 
Upvote 0 Downvote
Thanks Chenchuk77 for your reply, however I'm a bit curious.... Are you sure you do not know what's a Cat261x? I'm actually referring to the Cisco Catalyst 2600 series routers. And yes, after asking around, I do think the solution would work since the ISDN connection should be transparent to the PIX/Tunnel.

My ISDN connection is already up so I've the tunnel left to get up. Fingers crossed since I learnt from more experienced network chaps that ISDN connections are not necessarily the best around. And rightly so, since I'm already facing some funny behaviours now...

Cheers
dm318
 
Upvote 0 Downvote
HI.

You should make sure that the ISDN router is not configured for NAT or any filterring that might block the IPSEC tunnel.
Can both pix devices ping each other?

Do you need the ISDN link to go up and down?
Are you paying for the ISDN per uptime or per month?

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
216
gkittelson
gkittelson
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
611
intel233
intel233
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
550
nnaarrnn
nnaarrnn
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
754
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
165
WhosYourDiffie
WhosYourDiffie

Part and Inventory Search

Sponsor

Back
Top