Screen OS

I'm trying to determine if / how to connect a branch office (4 users) to the main office. The branch has a Cisco 1720 and a T1, main office has 3 bonded T1s though a Cisco 24xx IAD.

The branch has a Windows Server 2k DC that will be dumped. The main office is upgrading to Windows Small Business Server 2008R2. Workstations will be Windows 7.

I want to use a SSG5 at the branch office to connect to Window Server RAS giving us a LAN to LAN.

Main office uses an iptables firewall that is configured to allow 1723 and GRE in and out.

I looked around for configuration examples, but have not really found anything. Will this proposal work, or should I be looking at something different?

Thanks in advance.

It's been a while since I've worked with this Cisco series so I pulled up the product page.

http://www.cisco.com/en/US/products/hw/routers/ps221/products_data_sheet09186a00800920ec.html

The 1720 is a fully capabale IPSEC VPN firewall device.  So you best bet for interconnection is to create a VPN from this Cisco to the SSG5 at the remote site and route the traffic through this.

The PPTP connections on the Windows server are really designed for remote or traveling computer connections not a LAN to LAN permanent VPN.

Here's the technote on setting up a VPN between SSG and Cisco.  But the example on the Cisco side is Pix line.  You'll need to find the appropriate section of the 1720 documenation for that.

http://kb.juniper.net/InfoCenter/index?page=content&id=KB11787

The 1720 is at the remote site, so I just need to come up with a VPN endpoint at the main office.

Thanks for the help.