Tag: ipsec

  • How to configure Site-Site IPSec VPN in Cisco Routers (IOS)

    A Virtual Private Network (VPN) is a network that uses a shared network infrastructure (the Internet) to allow secure access between two networks or to securely connect a remote user to a corporate network.

    Let's look at how to configure a site-to-site VPN using a pre-shared key on Cisco routers running Cisco IOS.

    (more…)

  • How to fix Exchange & Outlook connection issues over IPSec VPN

    Recently we had this problem with an Exchange 2003 server in the HQ and Outlook clients in a particular branch office. The branch office connects to the HQ through a site-to-site IPSec VPN using Juniper Netscreen SSG20 firewalls on either end of the tunnel.

    The Problem
    The Outlook clients would connect OK but suddenly lose connection to the Exchange server and never connect back. The Outlook client status would say "Disconnected". The client PCs would, however, still be able to ping the server, and network connections looked OK. This happened at random times and sometimes when sending large emails.

    (more…)

  • How to enable Path MTU Discovery in Juniper Netscreen Firewalls (ScreenOS)

    If you have site-to-site IPSec VPNs configured between two networks with your Juniper Netscreen or SSG firewalls, and clients from one network access servers or services on the other network, then it is advisable to enable Path MTU Discovery support on the Juniper firewalls.

    Juniper Netscreen or SSG firewalls running ScreenOS disable Path MTU Discovery support by default. This means that when an IP packet arrives at the VPN firewall with the DF bit set ("1") in the IP header, and its size after IPSec encapsulation is more than the MTU of the Juniper VPN firewall, the firewall ignores the DF bit, simply fragments the packet and forwards it to the appropriate tunnel interface. This can cause serious problems with some applications. A classic example is the Microsoft applications that rely on NetBIOS over TCP/IP, which wouldn't prefer the packets being fragmented (and hence set DF).

    (more…)

  • ClarkConnect – OpenSource Firewall Intrusion Prevention networking and collaboration suite

    ClarkConnect is an all-in-one open-source networking suite from Point Clark Networks. On one front it is a full-blown security suite with stateful firewall protection, intrusion detection and prevention, a mail gateway with antivirus, anti-spam and anti-phishing support, proxy and web content filtering, and peer-to-peer connection filtering for web protection. It is also a networking suite with IPSec and PPTP support and bandwidth and system monitoring, and a server with web server and database server support, file and print sharing, a mail server, and system and mail backup. All of this is built on a cut-down Red Hat Linux with a good web interface.

    (more…)