Connecting a Small Office

Dell / Pe2950
April 30, 2010 at 09:13:50
Specs: Server 2003, Dual Xeon 5150
I'm a little stuck for what I need to do. I'm in the process of setting up a small network for a friend. She will have a server, a few workstations, and a voip phone system.

Up until yesterday I had a grasp of what needed to be done. The cable modem/router was going to provide DHCP and DNS services to her LAN which would include a Windows Home Server and a 3COM Switch.

Now things are different. One of the machines in her office needs a VPN connection made to the manufacturer for monitoring and troubleshooting and the VOIP phones need a VPN connection to the phones in her other location.

The folks at Comcast are handling the VOIP VPN but said it will require a static IP address and that we can't use that address for the LAN. So we got a block of 5.

Now how do I make this all work? Do I need to buy more equipment?



See More: Connecting a Small Office

April 30, 2010 at 10:09:23
How many WAN ports does your router support. It sounds like they want to setup a point-to-point VPN which will require two WAN porst because you will need one for you VPN and one for your Internet. You could do a split tunnel but that can get messy. So see if your router supports two WAN connectors if not then you may want to get one.

Next, does your router have a VPN combiner in it? If it is a Cisco you may be able to buy a card to give you this. If not and you are looking to purchase a router get one that does. You may want to check with Comcast as to which router they recommend because VPN is always easier with like equipment.

Once you get the equipment then you will need to get the Phase 1 and Phase 2 authentication practicals they are using from Comcast to enter into your router. Most VPN uses 3DES but they my use something different. If they are using Cisco and you are using like equipment, then they can send you a Running Config you can simply load into your router.

The problem with Cisco is they wil not give you ANY help unless you have a Cisco certification. Part of the reason I think Cisco is evil but that is another story. If you have never configured a Cisco router before you may want to get some help. They do send you some commands you can enter to turn on the SDM which will give you a web based configuration tool that will make you life easier. I always get chewed out by my friends because I am a SDM boy but it is so much easier.

Report •

April 30, 2010 at 11:17:47
There is only one wan port with cable.

I think perhaps powlaz you need to get clarification on the amounts and types of vpns needed.

"One of the machines in her office needs a VPN connection made to the manufacturer for monitoring and troubleshooting "

There are two types of vpns. One is site to site and one is vpn client to vpn server. In the case of the connection to the manufacturer that would be doubtful its a site to site since that is much more expensive to impliment and maintain. You should contact the manufacturer to clarify this. The manufacturer should provide you with the client vpn software to download and install.

In the case of a vpn for the phones... that does not make much sense unless you want to do extension dialing [like hitting 4 numbers to connect but than it would only be office to office communication not office to world communication. The vpn would isolate the phone traffic between.

The other office is on Comcast also for ip phones correct? If so you would need to discuss this with comcast.

Report •

May 3, 2010 at 11:59:19
Thanks guys for the replies. I went back over the paperwork and made a phone call and I think I'm going to be OK. The machine manufacturer just needs a port opened in the firewall and the phone company (not the Internet provider as I previously thought) is handling the phone system VPN. They will be creating a site-to-site VPN using their equipment which means the Comcast provided modem/router is mine to configure for the LAN. Much easier than I realized.

Thanks again,


Report •
Related Solutions

Ask Question