Sure it makes sense (parallel topology). You ever hear of division of labor? If you're on a budget, sure use one device. But, if you can afford it, it's better to separate the firewall and VPN functions to separate devices. One of my favorite config is to run PIX and Netscreen in parallel at the edge whereby PIX does the packet filtering and Netscreen handles VPN traffic.
Randall -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Aaron Brasslett Sent: Wednesday, December 18, 2002 02:12 PM To: NT 2000 Discussions Subject: RE: Minimum VPN req's Why would you put your VPN box in parallel with the PIX? Why wouldn't you support the VPN on one of the existing PIXs? Parallel firewalls don't make a lot of sense. Aaron -----Original Message----- From: Robert Gonzaga (306) [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 18, 2002 5:03 PM To: NT 2000 Discussions Subject: RE: Minimum VPN req's I setup our VPN box in parallel with our 2 PIXs. You need a public IP for the outside and a private IP on the inside. Pop in you PDC info, WINS and pool of address for that clients and that's basically it. It's fast. You can use your existing windows client but I'd recommend the Cisco software that comes with the concentrator. The client is a free downloadable from cisco if you have a CCO login. -----Original Message----- From: Lum, David [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 18, 2002 2:00 PM To: NT 2000 Discussions Subject: Minimum VPN req's All this talk of VPN...what's the absolute minimum equipment to VPN if both sides already have fast internet? Software/hardware. I currently dial in via PCAnywhere to one site, but I'd love to utilize my DSL and their broadband connection to connect. Dave Lum - [EMAIL PROTECTED] Sr. Network Specialist - Textron Financial 503-675-5510 ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
