Security Basics mailing list archives

Re: Field unit connectivity thru dynamic vpn


From: "ॐ aditya mukadam ॐ" <aditya.mukadam () gmail com>
Date: Wed, 6 Aug 2008 14:51:32 +0530

As I understand, field units will have dynamic IPs while the central studio
will have a fixed IP. IPSec has an inbuilt peer authentication method.

To keep it simple, two VPN peers authenticate each other's identity
using a pre-shared key or certificates. Also, this key is associated
with a unique IP to which you would build a tunnel. Below is an
example of a dynamic-to-static tunnel configuration for Cisco routers.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093f86.shtml


Thanks,
Aditya Govind Mukadam

On Tue, Aug 5, 2008 at 12:46 PM,  <danieldaisyvandy () gmail com> wrote:
Hi,

I work for a news agency that has recently decided to opt for dynamic VPNs to connect their field units and offices to their central studio.

The plan at a high-level is as below:

The field units will be connecting to the internet over a satellite link, which means the field routers get a dynamic IP address for the WAN interface.

[field unit A LAN] ------- (field unit A router)----//------{internet}---//---(central studio router) ------[central studio LAN]

Other units and offices will be connected in the same fashion. In the field units and offices, there will be several pieces of media equipment connected to the LAN apart from the computers.

The field units sometimes have to be in conflict zones or areas which make them prone to hijacking or equipment theft.

What access control precautions need to or can be taken for the VPN to limit unauthorized access from the field units?


