DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
VPN or Admin Over NAT'ed 3G
- markyh
- Topic Author
- Offline
- New Member
Less
More
- Posts: 1
- Thank you received: 0
15 Mar 2014 10:17 #79351
by markyh
VPN or Admin Over NAT'ed 3G was created by markyh
I have the following setup:
Branch office: Vigor 2860
Head office: Cisco PIX
Both ends have a static IP and my LAN to LAN (Site to Site on the PIX) VPN works fine.
I have 3G dongle as a backup internet at the branch office so when the main ADSL circuit fails the local site have internet. The 3G service provides me with a NAT’ed address.
The issue I have is when the main ADSL circuit fails I lose my VPN link back to head office, this is to be expected but I would like to have some method of remote access to the Vigor or a backup VPN back to head office over the 3G dongle.
I was looking to attached to our PIX client side VPN profiles, the ones we use for users with a Cisco VPN client installed on their laptops or a IPSEC profile on tablets devices. I don’t see any option to enter the VPN profile group name (IPSEC Identifier as it’s called on android tablets).
Things I want to be able to do is have remote access to the branch office network and Vigor administration, the latter is more important as I will need to change the DSL user name and password soon remotely when we change ISP.
I may be barking up the wrong tree and there may be a better solution, any pointer would be helpful. Not sure if you can change DSL details with DrayTek ACS-SI product.
Many thanks
Branch office: Vigor 2860
Head office: Cisco PIX
Both ends have a static IP and my LAN to LAN (Site to Site on the PIX) VPN works fine.
I have 3G dongle as a backup internet at the branch office so when the main ADSL circuit fails the local site have internet. The 3G service provides me with a NAT’ed address.
The issue I have is when the main ADSL circuit fails I lose my VPN link back to head office, this is to be expected but I would like to have some method of remote access to the Vigor or a backup VPN back to head office over the 3G dongle.
I was looking to attached to our PIX client side VPN profiles, the ones we use for users with a Cisco VPN client installed on their laptops or a IPSEC profile on tablets devices. I don’t see any option to enter the VPN profile group name (IPSEC Identifier as it’s called on android tablets).
Things I want to be able to do is have remote access to the branch office network and Vigor administration, the latter is more important as I will need to change the DSL user name and password soon remotely when we change ISP.
I may be barking up the wrong tree and there may be a better solution, any pointer would be helpful. Not sure if you can change DSL details with DrayTek ACS-SI product.
Many thanks
Please Log in or Create an account to join the conversation.
- sicon
- Offline
- Contributor
Less
More
- Posts: 642
- Thank you received: 0
18 Mar 2014 11:36 #79375
by sicon
Replied by sicon on topic Re: VPN or Admin Over NAT'ed 3G
You could create another L2L profile for WAN3 (the dongle) which would initiate when the ADSL goes down.
WAN3 would have to be in backup mode only
In the profile dial-out setting you would specify the PIX IP and the user credentials and authentication set by the Pix firewall.
When WAN1 (ADSL) goes off the USB would kick in and Dial out of WAN3 on what ever IP it gets.
WAN3 would have to be in backup mode only
In the profile dial-out setting you would specify the PIX IP and the user credentials and authentication set by the Pix firewall.
When WAN1 (ADSL) goes off the USB would kick in and Dial out of WAN3 on what ever IP it gets.
Please Log in or Create an account to join the conversation.
Moderators: Sami
Copyright © 2024 DrayTek