Re: VPN connection using ISA Server 2000

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 12 Jan 2004 16:44:00 -0600

Hi Marrow,

I suspect that if your users arern't exceptionally active, an IPSec
offload card with an adequately powerful PIII will more than do the
trick. What ISA firewall policies do you have active on the server?

Thanks!
Tom 

-----Original Message-----
From: Marrow K.L. Yung [mailto:marrow.yung@xxxxxxxxxxxxxxx] 
Sent: Monday, January 12, 2004 9:15 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: VPN connection using ISA Server 2000

http://www.ISAserver.org

I think what you mean is even I have a 10Mbps/10Mbps connection and VPN
overhead still present. I agree with that. It means if my firewall has
horse power to handle it and I use the NIC which can offload the IPSec
overhead from the CPU and use the VPN bypass function in the router, I
can create as much as VPN connection as my ISA Server 2000 can handle.

I mean really look for as much as VPN connection as possible solution.
What do you suggest? keep adding VPN router if more VPN connection need
? or really depends on the power of the hardware ISA Server 2000
installed and the Intel 10/100 Pro S Server adapter. Just tell me what
you think as the most expensive solution in my mind now is a LinkSys VPN
router which can handle 70 VPN connection at the same time and link up
VPN routers if more than 70+ is need.



Very best regards,

Marrow Yung.




-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Monday, January 12, 2004 6:09 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: VPN connection using ISA Server 2000


http://www.ISAserver.org

No one will ever acheive "unlimited" VPN connections; that's what is
called "infinite".
You will always be limited by (in this order):
1. Internet Bandwidth - the shopkeeper is right; you can only support
the maximum traffic of the smallest pipe.  In this case, it's your
Internet connection.
2. CPU speed - Even with a NIC or co-processor board to offload the
encryption duties, there is still an upper limit to the number of
encryption calculations per second that can be achieved

Take a read here for more information regarding this NIC and IPSec:
http://www.intel.com/support/network/adapter/faq.htm

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message -----
From: "Marrow K.L. Yung" <marrow.yung@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Cc: <isalist@xxxxxxxxxxxxx>
Sent: Sunday, January 11, 2004 08:58
Subject: [isalist] VPN connection using ISA Server 2000


http://www.ISAserver.org

I am looking for a VPN unlimited connection solution, I see that all the
VPN broadband router can only support maximum 70 VPN
Connections in the router level. However, I need the unlimited one for
my own company. What I am thinking is, I buy a Intel 10/100
Pro S Server Adapter , which can support hardware IPSec in the NIC card
itself( the spec. in intel says that, that's why it is
Server NIC , not desktop NIC), then I use the VPN function in the ISA
Server 2000 to create VPN connection for all of my client. In
the router level I will only let the router enable the VPN bypass
function , which is a common function in all router in Hong Kong.

What do you think about my VPN unlimited solution? The pricing of this
combination will only cost 100-200 more Hong Kong dollar when
compare with using VPN router. Which is very good if I need more than 70
VPN connections.

the shop keeper tell me it is impossible to have unlimited VPN
connection (I think he mean in the router level), he say even it can,
the bandwidth for 70+ VPN connection can't handled by broadband
connection. Is that true ?  I will have a broadband connection of
10Mbps upstream 10Mbps downstream. It still not enough ? I am not going
to assume they all connnect at the same time (through you
can say why I don't use VPN router if I don't assume it will handle all
at the same time, but I want to make it unlimited in the
lowest price, the hightest price is I link up all VPN router to make it
support more than 70 VPN Connections if one VPN router is
over limited).


Very best regards,

Marrow Yung.





------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
marrow.yung@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » RE: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » RE: VPN connection using ISA Server 2000
• » RE: VPN connection using ISA Server 2000
• » RE: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000
• » Re: VPN connection using ISA Server 2000

1. Home
2. isalist
3. Archive
4. 01-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---