1 / 13

UAB VPN Service

UAB VPN Service. David Wolford, Communications Network Specialist. UAB Virtual Private Network. User Services has provided VPN for many years First service was called PopTop and used PPTP Second and current service uses a Cisco 3060 VPN concentrator and uses IPSEC

desma
Télécharger la présentation

UAB VPN Service

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. UAB VPN Service David Wolford, Communications Network Specialist

  2. UAB Virtual Private Network • User Services has provided VPN for many years • First service was called PopTop and used PPTP • Second and current service uses a Cisco 3060 VPN concentrator and uses IPSEC • We currently average ~ 50 IPSEC concurrent users

  3. System Information • Current appliance is a Cisco 3060 which has been in service for approximately eight years. • We are preparing two Cisco ASA 5550 security appliances to replace our 3060 in the near future. • The Cisco ASA 5550’s will provide load sharing redundancy and will allow us to use the Cisco SSL client.

  4. Reasons to Upgrade Service • Cisco 3060 was originally purchased for wireless users. It was pressed into service with the blocking of Microsoft ports and is now end-of-life by Cisco. • Implementation of border firewall and plans of tighter border security will increase the need. • Cisco is favoring SSL for newer OS platforms like Windows 64-bit.

  5. ASA5550

  6. VPN Client Options • Cisco IPSEC client IPSEC not available for 64 Bit Windows • SSL Client

  7. Client Downloadhttps://vpndpo.dpo.uab.edu

  8. SSL VPN Client

  9. Cisco IPSEC Client

  10. Departmental VPN Groups • Offers IP addresses from a defined pool of addresses for firewall traversal and resource access • DCNS can add or remove users from groups • Works with SSL and IPSEC VPN

  11. Network Diagram

  12. Split Tunneling

  13. On the Horizon • Integration with campus NAC • Two factor authentication

More Related