VPN Only Connection Information and Sign up



Similar documents
PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

EXINDA NETWORKS. Deployment Topologies

Using IPsec VPN to provide communication between offices

Firewall Defaults and Some Basic Rules

Best Practices: Pass-Through w/bypass (Bridge Mode)

WAN Failover Scenarios Using Digi Wireless WAN Routers

Configuring High Availability for Embedded NGX Gateways in SmartCenter

WAN Traffic Management with PowerLink Pro100

ASA/PIX: Load balancing between two ISP - options

Configuring IPsec VPN with a FortiGate and a Cisco ASA

PREPARED FOR ABC CORPORATION

Creating a VPN with overlapping subnets

Edgewater Routers User Guide

A Link Load Balancing Solution for Multi-Homed Networks

Appendix C Network Planning for Dual WAN Ports

UIP1868P User Interface Guide

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

How Cisco IT Uses Firewalls to Protect Cisco Internet Access Locations

Edgewater Routers User Guide

- Introduction to PIX/ASA Firewalls -

Network Services Internet VPN

Configuring a customer owned router to function as a switch with Ultra TV

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Networking Topology For Your System

Barracuda Link Balancer

VPN Solution Guide Peplink Balance Series. Peplink Balance. VPN Solution Guide Copyright 2015 Peplink

Application Description

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address

MINIMUM NETWORK REQUIREMENTS 1. REQUIREMENTS SUMMARY... 1

Broadband Phone Gateway BPG510 Technical Users Guide

Multi-Homing Security Gateway

IOS NAT Load Balancing for Two ISP Connections

Load Balance Router R258V

Document No. FO1101 Issue Date: Work Group: FibreOP Technical Team October 31, 2013 FINAL:

Improving Network Efficiency for SMB Through Intelligent Load Balancing

Technical White Paper

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

Barracuda Link Balancer Administrator s Guide

ExamPDF. Higher Quality,Better service!

SURF Feed Connection Guide

Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost.

Multi-Link - Firewall Always-on connectivity with significant savings

SAN/iQ Remote Copy Networking Requirements OPEN iscsi SANs 1

Chapter 1 Personal Computer Hardware hours

White Paper. McAfee Multi-Link. Always-on connectivity with significant savings

DSL-G604T Install Guides

Enabling NAT and Routing in DGW v2.0 June 6, 2012

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Securing Networks with PIX and ASA

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

Hosted Voice. Best Practice Recommendations for VoIP Deployments

Data Sheet. V-Net Link 700 C Series Link Load Balancer. V-NetLink:Link Load Balancing Solution from VIAEDGE

Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications

Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs

Protecting the Home Network (Firewall)

Recommended IP Telephony Architecture

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

Cisco SR 520-T1 Secure Router

SSL-VPN 200 Getting Started Guide

Com.X Router/Firewall Module. Use Cases. White Paper. Version 1.0, 21 May Far South Networks

Configuring WAN Failover & Load-Balancing

Multi-Homing Dual WAN Firewall Router

How to set up Inbound Load Balance under Drop-in Mode

Cisco PIX vs. Checkpoint Firewall

Gigabit Content Security Router

Chapter 3 Security and Firewall Protection

How To Configure A Vyatta As A Ds Internet Connection Router/Gateway With A Web Server On A Dspv.Net (Dspv) On A Network With A D

ADTRAN 3120 / 3130 Internet Configuration Guide

About Firewall Protection

Configure ISDN Backup and VPN Connection

Using SonicWALL NetExtender to Access FTP Servers

BroadCloud PBX Customer Minimum Requirements

Configuring a VPN for Dynamic IP Address Connections

ehealth Ontario EMR Connectivity Guidelines

THINKTEL COMMUNICATIONS CUDATEL PHONE SYSTEM 270. High Availability and SIP-TRUNK Configuration

Whitepaper. StoneGate Multi-Link. Ensuring Always-on Connectivity with Significant Savings

HOSTED VOICE Bring Your Own Bandwidth & Remote Worker. Install and Best Practices Guide

Supporting Multiple Firewalled Subnets on SonicOS Enhanced

Knowledgebase Solution

AVer EVC. Quick Installation Guide. Package Contents. 8. Mini Din 8 pin MIC Cable. 1. Main System. 9. HDMI Cable. 2. Camera. 10.

How To Configure Virtual Host with Load Balancing and Health Checking

Source-Connect Network Configuration Last updated May 2009

VoIP CONFIGURATION GUIDE FOR MULTI-LOCATION NETWORKS

Elfiq Networks Vital for Hospitality

Small, Medium and Large Businesses

Installation of the On Site Server (OSS)

The Bomgar Appliance in the Network

How To Configure Apple ipad for Cyberoam L2TP

Gigabit Multi-Homing VPN Security Router

IP Telephony Basics. Part of The Technology Overview Series for Small and Medium Businesses

Voice Over IP and Firewalls

SIP Trunking with Microsoft Office Communication Server 2007 R2

Optimal Network Connectivity Reliable Network Access Flexible Network Management

Optimize your network for voice.

Remote Connectivity for mysap.com Solutions over the Internet Technical Specification

Successful IP Video Conferencing White Paper

Colt VoIP Access Colt Technology Services Group Limited. All rights reserved.

Volume GAJSHIELD INFOTECH PVT LTD. Wan Failover & Load Balancing. Administrative Guide

Transcription:

VPN Only Connection Information and Sign up Revision 4/16/2013 CU*Answers supports a variety of VPN network configurations for credit unions that desire to use VPN for primary connectivity. These options will provide you with maximum flexibility when deploying a CU*Answers VPN into your existing network infrastructure. This document assumes that a VPN will be established to CU*Answers data centers from a designated branch location of your credit union. When we configure the VPN, redundant tunnels will also be configured to our High Availability center and Disaster Recovery center. VPN router installed in LAN This has the following requirements: Static Public IP address (can be shared with LAN). Static private IP address for CU*Answers router UDP 500 and 4500 allowed outbound from router to 63.236.240.42, 216.111.149.124, and 65.114.214.66. TCP 22 (ssh) port forwarded to router and allowed inbound from CU*Answers NAT IP Addresses. See https://kb.cuanswers.com/cuanswers/csr/kbdetail.asp?kbid=3816 CU*Answers networks routed to router (See https://kb.cuanswers.com/cuanswers/consumer/kbdetail.asp?kbid=3572) or CU*Answers router used as default gateway. You should not proceed if: You have SonicWall firewalls in an HA pair. You have a Cisco PIX or ASA firewall. If either of these are true, please contact network services for an alternate connection proposal. VPN-Only Connection Information and Sign-Up 1

VPN Considerations for Internet VPN access to GOLD. Prior to implementing any VPN solution for online data connectivity, we strongly recommend the credit union review the VPN considerations below. Performing a risk assessment is recommended. If you have questions about compensating controls or alternative strategies, please don t hesitate to contact Network Services at helpdesk@cuanswers.com. For help with these considerations, contact Network Services or your IT department. In the event of loss of your Internet connection, you will lose access to GOLD. Do you have a redundant Internet strategy? Choose an ISP that has a history of providing reliable and quality service in your local area. With providing your own ISP connectivity, CU*Answers will not be in a position to guarantee the quality of your connection to the Internet or to GOLD. Can your primary Internet connection automatically failover to the redundant connection? Have you performed a DDoS risk assessment, per NCUA guidelines? Have you developed a DDoS response plan? Bandwidth, minimum available download/upload of 128k recommended. If your current usage is close to peak bandwidth over your ISP, CU*Answers recommends that you purchase additional bandwidth before proceeding. GOLD traffic will compete with other Internet traffic for your bandwidth, so bandwidth throttling and QoS at your router is strongly encouraged. A valid, UNUSED, public IP address is preferred, but not required. This may require an upgrade to your Internet access plan. A valid, UNUSED, private IP address is required. The private IP address and public IP address must be on separate subnets. This can be an IP address on the locations DMZ, or on an internal private network. Additional hardware such as a switch may need to be purchased to allow for multiple devices (VPN public interface, local firewall, etc.) in the DMZ or WAN segments of your network. Would you like information on setting up a backup VPN from another branch location with Internet access? Redundant connections are possible, but will require a custom-bid project, particularly if automatic failover to the alternate branch is desired. If yes, provide the following: Branch Name: Branch Address: Internet Access currently installed at Branch: Static IP address available at Branch: CU*Answers Network Services VPN Device, Usage, and Security Information o o o CU*Answers Network Services will provide a Cisco router for online GOLD network access. Detailed information about this product can be found at www.cisco.com. The Cisco router supplied by CU*Answers will provide virtual private networking (VPN) access. The Cisco router will block all traffic that is not intended for accessing CU*Answers network resources, in other words no other internet connectivity will be allowed to go out, or come in through the device. The device will allow CU*Answers core processing related services only. VPN-Only Connection Information and Sign-Up 2

Installation Questionnaire I. Contact Information Credit Union Name Physical Street Address City, State, Zip Credit Union Information Billing Address City, State, Zip Telephone Fax Name Shipping Address (if different than above) Address City, State, Zip Telephone Name & Title Site Contact Information Email Address Telephone VPN-Only Connection Information and Sign-Up 3

Name & Title After Hours Contact Information Email Address Telephone II. VPN Router Information Be sure to select the appropriate VPN design and complete the corresponding Deployment Option One, Two or Three section. (Failure to accurately complete the required fields may delay implementation.) Public IP IP: Secondary Public IP (Redundant Internet only) IP: CU*Answers Router Private IP IP: Subnet: Default Gateway for CUA Router IP: List of all LAN subnets at all locations: Networks: Internet Service Provider Connection Type (e.g. DSL, T1, Cable) Bandwidth (Down/Up) VPN-Only Connection Information and Sign-Up 4

RELEASE AND INDEMNIFICATION AGREEMENT Revision 2013.04.04 The Credit Union, identified below, and CU*Answers, Inc. ( CUA ) are parties to a Services Agreement whereby CUA provides data processing and other related services to Credit Union. 1. As part of these services, the Credit Union has selected a Virtual Private Network (VPN) as their primary communications strategy to CUA. CUA offers this communications strategy as a best effort service with no Service Level Agreement. 2. In consideration of Credit Union s request for VPN as primary connectivity, Credit Union agrees to comply with all requirements and costs outlined by CUA to support VPN connectivity, as may be modified from time to time, and to release, indemnify and hold CUA harmless from any and all claims, causes of action, administrative actions, damages, costs, including attorney fees, asserted by the Credit Union or any Credit Union member or third party arising from or relating to, directly or indirectly, the use of or inability to use VPN for primary connectivity to CUA. 3. Credit Union acknowledges that Business Class Internet access with a static pubic IP address provided by the Credit Union s Internet Service Provider (ISP) is required and is a self-managed service and is not the responsibility of CUA. 4. Credit Union acknowledges that CUA has strongly recommended redundant Internet Service Providers (ISPs) be employed for connection redundancy and failover purposes and that CUA is not responsible for Internet outages. This Release and Indemnification Agreement is dated: CREDIT UNION: Name Address Authorized Representative: Name Title Signature VPN-Only Connection Information and Sign-Up 5

VPN Connectivity Fees Contact Network Services for a custom proposal Cisco Router (if needed) $2500 VPN Port Charge $64/month/branch head-end Router Management (If not currently enrolled) $149/month for single site. $99/month/site for multiple sites. Initial router configuration (one time) $500/router VPN-Only Connection Information and Sign-Up 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information