(ASCEND) RFC VPN and Access Solution Comprehesion plus

To: Matt Holdrege <matt@ascend.com>, Charlie Clemmer <cclemmer@mindspring.com>
Subject: (ASCEND) RFC VPN and Access Solution Comprehesion plus
From: dreamwvr <dreamwvr@dreamwvr.com>
Date: Sat, 30 May 1998 17:26:05 -0600
Cc: "Leon McCalla" <ascend@caribbeanlink.com>, <ascend-users@max.bungi.com>
In-Reply-To: <3.0.5.32.19980530134410.00b99a30@darla.ascend.com>
References: <3.0.1.32.19980529182241.007ab220@pop.mindspring.com><00b601bd8b15$5c7b4b00$2504fdcc@negril.netrox.net>
Sender: owner-ascend-users@max.bungi.com

Hi Everyone,
          I apologize if this is wordy but am trying to comprehend what i
am getting 
          myself into;') Here is the scenario i am setting up a full time
T1 from a 
          head office over the big I to a series of branch offices running
yet to be 
          determined access to the Internet. At the head office their will
be a router 
          either a cisco or a plain old linux solution router statically
routing to 
          the next router up the web chain. Behind this router is a
firewall with a 
          dmz running a secure server. Behind this again is a second router
that is 
          the last point out on the lan. I am planning to VPN using say the
VPN 1010
          series box on each of the branches including the hq. Running
IPSEC if possible 
          the VPN boxes will be the last routers inward if possible. Is
this possible 
          without causing any problems. Anyways here is where i get
completely lost 
          on the solution:'( I plan to tunnel thru the internet from branch
to branch
          using say ascend to authenticate. Where should the auth servers
live at the 
          DMZ or connected somehow to the T1 at the tip of the Internet. I
think what 
          happens here is that people dial in via isp and point their pc to
a branch 
          static ip where they are authenticated and allowed or denied. Is
this right?
          In the mean time if they are denied then they can't enter the
tunnel right?
          Are there any diagrams explaining where the radius is to live and
how it 
          is installed hopefully step by step? Also since ace servers are
planned 
          for roving users is this the way to go? Where does the Ascend
come into 
          play and does it provide what i think it does? the head office
will go 
          something like this is this right and where does the ascend
server live 
          and what protects it?
                               DMZ
                                |

          internet-> router-> bastion-> router internal ->lan - ascend?
-ace srv

	Thanking you all in advance:')

								Regards,
									dreamwvr@dreamwvr.com 
_______________________________________________________________________

DREAMWVR.COM - TOTAL WEB INTEGRATION, DEVELOPMENT, DESIGN SERVICES. 
Featuring Website Development and Web Strategies of a TOP Developer 
<http://www.dreamwvr.com/dreambiz.htm> <mailto:dreamwvr@dreamwvr.com>
"As Unique as the Company You Keep."        "===0 PGP Key Available 
________________________________________________________________________
                                                                   


++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Follow-Ups:

(ASCEND) Re: RFC VPN and Access Solution Comprehesion plus

From: Matt Holdrege <matt@ascend.com>

References:

Re: (ASCEND) VPN to a cisco?

From: Charlie Clemmer <cclemmer@mindspring.com>

(ASCEND) VPN to a cisco?

From: "Leon McCalla" <ascend@caribbeanlink.com>

Re: (ASCEND) VPN to a cisco?

From: Matt Holdrege <matt@ascend.com>

Prev by Date: Re: (ASCEND) MPP on a Max4048 with tik.m40 5.0Ap42
Next by Date: Re: (ASCEND) VPN to a cisco?
Prev by thread: Re: (ASCEND) VPN to a cisco?
Next by thread: (ASCEND) Re: RFC VPN and Access Solution Comprehesion plus
Index(es):
- Main
- Thread