acidkewpie
Programmer
Hi,
We have a number of remote sites connected like this:
Main LAN >--< PIX 525 >--< Net >--< Cisco ADSL 837 >--< PIX 501 >--< Site
This works approximately fine, but we are looking into a more moveable non-ADSL based internet connection via a 3G router, so the architecture turns into:
Main LAN >--< PIX 525 >--< Net >--< Linksys 3G Thing >--< PIX 501 >--< Site
Now the difference we are seeing in the remote peer is that we have no static ip address on that internet connection, instead it is masquaraded by the mobile phone company as a whole.
My VPN knowledge is fairly poor, and we've been informed that as the tunnel can obviously not be established outright from our 525 it is not possible to perform and site to site routing, and instead can only achieve a one way connection to the single address of the peer and not the LAN behind it, a la easyvpn (afaik).
Is anyone able to comment about this, and maybe suggest pointers to mean we can have the same full site to site access we currently "enjoy" when our remote peers have static IP addresses?
Many thanks
Chris
We have a number of remote sites connected like this:
Main LAN >--< PIX 525 >--< Net >--< Cisco ADSL 837 >--< PIX 501 >--< Site
This works approximately fine, but we are looking into a more moveable non-ADSL based internet connection via a 3G router, so the architecture turns into:
Main LAN >--< PIX 525 >--< Net >--< Linksys 3G Thing >--< PIX 501 >--< Site
Now the difference we are seeing in the remote peer is that we have no static ip address on that internet connection, instead it is masquaraded by the mobile phone company as a whole.
My VPN knowledge is fairly poor, and we've been informed that as the tunnel can obviously not be established outright from our 525 it is not possible to perform and site to site routing, and instead can only achieve a one way connection to the single address of the peer and not the LAN behind it, a la easyvpn (afaik).
Is anyone able to comment about this, and maybe suggest pointers to mean we can have the same full site to site access we currently "enjoy" when our remote peers have static IP addresses?
Many thanks
Chris