vpn

I have a newer router, dlink dir-655, on comcrap cable.
is there a way to increase the vpns through the router? or are all routers
that way?
Im going to be connecting it to a t-1 line once it is all setup, but I need
to make sure everything is working good on it.
Thanks a bunch

"Dave Beanie" <(E-Mail Removed)> wrote in message
news:5D062127-0AA0-42AA-B1DA-(E-Mail Removed)...
>I have a newer router, dlink dir-655, on comcrap cable.
> is there a way to increase the vpns through the router? or are all routers
> that way?

Increase the VPNs? I have no idea what yo mean by that.

> Im going to be connecting it to a t-1 line once it is all setup, but I
> need
> to make sure everything is working good on it.

A T1 won't have the Dlink box. A T1 will have a CSU/DSU which is then
connected by a special Serial Cable to a *real* Router like a Cisco 2800,
2600, 1700, or 2500 Series router. Even an older Cisco 2500 is plenty good
enough for that and you can probably get them cheap on EBay.
In some cases the T1 line provider will supply the Routing Equipment and
will configure, maintain, and monitor it for you.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/IS...cessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/downlo...7/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/e...epartners.mspx
-----------------------------------------------------

is there a setting in the router that will allow more than one vpn at a time?
I will be connecting this at the customers place toa t-1 with has a csu/dsu
in the building, but i am planning on putting the t-1 directly to the server,
on one nic and then the intranet on the other nic



"Phillip Windell" wrote:

>
> "Dave Beanie" <(E-Mail Removed)> wrote in message
> news:5D062127-0AA0-42AA-B1DA-(E-Mail Removed)...
> >I have a newer router, dlink dir-655, on comcrap cable.
> > is there a way to increase the vpns through the router? or are all routers
> > that way?
>
> Increase the VPNs? I have no idea what yo mean by that.
>
> > Im going to be connecting it to a t-1 line once it is all setup, but I
> > need
> > to make sure everything is working good on it.
>
> A T1 won't have the Dlink box. A T1 will have a CSU/DSU which is then
> connected by a special Serial Cable to a *real* Router like a Cisco 2800,
> 2600, 1700, or 2500 Series router. Even an older Cisco 2500 is plenty good
> enough for that and you can probably get them cheap on EBay.
> In some cases the T1 line provider will supply the Routing Equipment and
> will configure, maintain, and monitor it for you.
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
> Understanding the ISA 2004 Access Rule Processing
> http://www.isaserver.org/articles/IS...cessRules.html
>
> Troubleshooting Client Authentication on Access Rules in ISA Server 2004
> http://download.microsoft.com/downlo...7/ts_rules.doc
>
> Microsoft Internet Security & Acceleration Server: Partners
> http://www.microsoft.com/isaserver/partners/default.asp
>
> Microsoft ISA Server Partners: Partner Hardware Solutions
> http://www.microsoft.com/forefront/e...epartners.mspx
> -----------------------------------------------------
>
>
>

"Dave Beanie" <(E-Mail Removed)> wrote in message
news:EEF38D23-E50F-4888-9546-(E-Mail Removed)...
> is there a setting in the router that will allow more than one vpn at a
> time?

Probably not. You trying to use "home user" technology in a commercial
envronment.

> I will be connecting this at the customers place toa t-1 with has a
> csu/dsu
> in the building, but i am planning on putting the t-1 directly to the
> server,
> on one nic and then the intranet on the other nic

1. T1 comes into the CSU/DSU
2. CSUDSU goes into the "real" Router (not a home user box) via Serial Cable
into a Serial Interface (typically S0).
3. Ethernet Interface of the "real" Router (typically E0) goes into
reasonably decent Switch.
4. Switch is connected to by a Firewall Product from its Untrusted External
Interface. The Firewall Product could be:
MS ISA Server
Cisco PIX or ASA
Checkpoint
Watchgaurd
.....probably a dozen other choices,...pick one
5. The Firewall Product connects to a LAN Switch with its Trusted Internal
Interface
6. Rest of the LAN Plugs into the LAN Switch or Switches
7. The Firewall Product is the *Only* device with two nics (duel-homed)
8. Any "Public" devices with Public IP#s that are not part of the LAN will
plug into the Switch that is between the Internet Router and the Firewall
Product. The TCP/IP config must be statically configured. That would be the
switch described in items #3 & #4 above

The Firewall Product will double as the "VPN Server" that accepts incomming
VPN Connection.

Outgoing VPN links from individuals should not be allowed, but can be done.
It should be fairly easy with the Cisco, Checkpoint, or Watchgaurd because
they are fairly simple "NAT boxes" in spite of all the "features" they pile
on top of that. The MS ISA Server is much more complex and although it can
operate as NAT Firewall, it can go well beyond that and operate as a Proxy
based Firewall using both CERN Compliant Web Proxy technology and Winsock
based technology. ISA will only allow outbound VPNs from individuals via
the NAT Service.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

Can I just go from csu/dsu to the server nic and just use that for the vpn?
or do i have to use a router?
Thanks a bunch



"Phillip Windell" wrote:

> "Dave Beanie" <(E-Mail Removed)> wrote in message
> news:EEF38D23-E50F-4888-9546-(E-Mail Removed)...
> > is there a setting in the router that will allow more than one vpn at a
> > time?
>
> Probably not. You trying to use "home user" technology in a commercial
> envronment.
>
> > I will be connecting this at the customers place toa t-1 with has a
> > csu/dsu
> > in the building, but i am planning on putting the t-1 directly to the
> > server,
> > on one nic and then the intranet on the other nic
>
> 1. T1 comes into the CSU/DSU
> 2. CSUDSU goes into the "real" Router (not a home user box) via Serial Cable
> into a Serial Interface (typically S0).
> 3. Ethernet Interface of the "real" Router (typically E0) goes into
> reasonably decent Switch.
> 4. Switch is connected to by a Firewall Product from its Untrusted External
> Interface. The Firewall Product could be:
> MS ISA Server
> Cisco PIX or ASA
> Checkpoint
> Watchgaurd
> .....probably a dozen other choices,...pick one
> 5. The Firewall Product connects to a LAN Switch with its Trusted Internal
> Interface
> 6. Rest of the LAN Plugs into the LAN Switch or Switches
> 7. The Firewall Product is the *Only* device with two nics (duel-homed)
> 8. Any "Public" devices with Public IP#s that are not part of the LAN will
> plug into the Switch that is between the Internet Router and the Firewall
> Product. The TCP/IP config must be statically configured. That would be the
> switch described in items #3 & #4 above
>
> The Firewall Product will double as the "VPN Server" that accepts incomming
> VPN Connection.
>
> Outgoing VPN links from individuals should not be allowed, but can be done.
> It should be fairly easy with the Cisco, Checkpoint, or Watchgaurd because
> they are fairly simple "NAT boxes" in spite of all the "features" they pile
> on top of that. The MS ISA Server is much more complex and although it can
> operate as NAT Firewall, it can go well beyond that and operate as a Proxy
> based Firewall using both CERN Compliant Web Proxy technology and Winsock
> based technology. ISA will only allow outbound VPNs from individuals via
> the NAT Service.
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
>
>

"Dave Beanie" <(E-Mail Removed)> wrote in message
news:9A75A3F9-D96D-4993-A938-(E-Mail Removed)...
> Can I just go from csu/dsu to the server nic and just use that for the
> vpn?
> or do i have to use a router?
> Thanks a bunch

No, the CSU/DSU doesn't have an Ethernet Port,...it uses a Serial Interface
with a special (really strange looking) Serial Cable that has to plug into a
strange looking high-density Serial Interface of a Router. It more closely
resembles an old external Phone Modem hanging off of a Serial Cable, but not
quite the same thing.

On the other side it has a phone line port (for the T1). It looks similar
to the phone port on an old external modem except that it uses an RJ45
connector instead of an RJ11.

I think in some ways its job is similar to the old external phone modems (or
maybe an ISDN Modem) with maybe a little VooDoo added. I never looked deep
enough into them to find out for sure.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------