Work Diary: VPN, VPN and more VPN

This last week has been a week of many VPNs. We started with encrypting our L2TPv3 VPN over  a tunnel based IPSec VPN between two Cisco IOS routers – now my preferred method of site to site VPN. The next configuration was a Cisco ASA to Cisco IOS router which, unfortunately, does not support the tunnel method so a ‘traditional’ style was needed on the router to match up with ASA. Site-to-site VPNs are fairly straightforward but we have  had several requests this week for modifications and changes to Remote Access VPN setups.

The RA VPN can have a lot of configuration to include split tunnelling, split DNS, Active directory Authentication and the list goes on, and on, and on. The requirements this week were for data hair-pinning and reaching other site to site destinations from a remote access user. At Gconnect we have traditionally deployed the Cisco IPSec VPN client mainly due to licensing constraints but recently have bee using the SSL VPN, both client-less and with the AnyConnect client – but as one client found out this week, there is a significant RAM requirement for some of these features.

Gconnect can manage your Cisco IOS and security devices – for more information see here

cisco_partner

Exam Success!

Congratulations to Mark Murray, one of our resident Windows engineers, on passing his latest Microsoft exam. His latest certification takes him to MCSA (Microsoft Certified Solutions Associate) level and further strengthens our in-house technical abilities here at Gconnect. The MCSA certification is based around implementing and managing Windows Server 2008 and 2012 Active Directory and network infrastructure.

Work Diary: Layer2 VPNs

We had an enquiry this week from somebody who had found us on the Cisco website (Thanks Cisco!) who needed a layer2 VPN setting up. As the story unfolded, he wanted a layer2 VPN to run over a couple of broadband lines. This type of VPN solves a lot of problems in certain situations, in his case, there are 2 devices which have only MAC addresses and need to communicate over ethernet. Other uses include, extending the company LAN back to remote sites or home offices – meaning the remote users can use telephone systems, DHCP servers and the like over the link. Normally we would have delivered it over our MPLS network but as we are not the connectivity provider here we had to come up with a new solution. We used a technique using the open standard L2TPv3 (Layer 2 Tunneling Protocol v 3) which supports Layer 2 VPN and pseudo wires and ended up with a fully configured Lab setup deployed on 2 Cisco routers and 2 Gconnect broadband lines.

Gconnect Cisco Consultancy
L2TPv3 Layer 2 Tunneling Protocol v3
Cisco Cloud and Managed Services Partners

Cisco_Powered_Universal_145px_225_RGB