Router VPN

Linksys Wrt160nl wireless-nrouterwith st...
November 10, 2010 at 14:59:25
Specs: Windows XP, 1 gig
Ok I want to setup site 2 site VPN though routers First question. can this be done on three sites and does it matter what router it is as long as it supports VPN 2. Does it have to be cisco or can I use linksys or smc. 3. Voice of IP can I use the accross the site 2 site? 4. Can I configure a router to connect straight 2 a windows 2008 VPN?

Ok I teel you what I want. I want to have a domain server at home and then 2 sites with PCs just switching logon and connecting straight though to the domain pulling policys down etc. I want router A to be at my end doamin and Router B and C connecting in. and may want to add further routers in future.



See More: Router VPN

Report •


#1
November 10, 2010 at 15:25:56
And what kind of budget do you have?

Not all firewall routers support site to site vpns. We use Sonicwalls which do support multiple site to site vpns

VoIP can go over a vpn if you have a VoIP phone system. Performance will be based on how much bandwidth you purchased.

You need to consider thin clients and terminal services which reduce bandwidth utilization.

How to properly post a question: http://tinyurl.com/2fsqqmu


Report •

#2
November 11, 2010 at 03:19:24
Well what im looking at is connecting 9 sites with voiceip PDA which link back wireless to the server which is somewhere else and server access with group policys etc the voiceip has got to be maintaned from the site where the server is any tips? Also lets say I brought a linksys with vpn routing what I want to know is could I buy 6 of them and link them say from the main linksys would that work or do they just link 2 each other and how easy is sonicwalls router to configure and use? and how much are they to buy?

Report •

#3
November 11, 2010 at 08:11:02
"9 sites with voiceip PDA " PBX? certainly not personal digital assistant.
"vpn routing " Eh?

jamie2000ukuk it doesn't appear that you have done this before. This appears to be a major project. Do you have any project management experience? Know how to organize this on paper, spec it out and do cost analysis?

Usually to try to avoid data and voice convergance on the same network for a number of reasons. You haven't even mentioned what bandwidth you plan to have or if it could support what you are attempting to do.

I would not recommend linksys for anything myself. I tried twice to use in a business environment and they did nothing but fail.

Sonicwalls are more expensive than linksys but you get more with them depending on what software packages you get with them. Techsupport is great and basic config is pretty straightforward.

How to properly post a question: http://tinyurl.com/2fsqqmu


Report •

Related Solutions

#4
November 11, 2010 at 14:32:03
Well I have done some VPN but not on this scale and I think they want it doing cheap!!!! Well the pda software tiny just sending data though the iis system though wireless which feeds back to a router now most of the sites have 3 or 4 pcs. I thought about site 2 site logmein hamachi citrix termnial service but for example if I use the hamchi service works great for the connection 2 the server and the pda but hows voip because this uses a encrypted program to send and recive. So hum.. and they may out souce the server remotly and this is me guess lol as I start the job in a week but biggest problem ive got they have already brought all this kit and none of it links none of it works and the only thing I can get from them is they have a server and a phone system and they need linking so any advice would be good and thanks for the advice so far :D Anyway I think they want me to sort there email system out not even got exchange server on Once I broke it down I think it be easier but if yopu were me how would you go out it? like the setup VPN

Report •

#5
November 11, 2010 at 14:34:07
Ewww and also broadband I would say 2 to 8mb lol and the VPN is'nt my first thought they had advice!!!

Report •

#6
November 11, 2010 at 16:07:01
Ouch. Not a lot to work with. What is the objective? This pda, its like an itouch? How do phones come into play?

How to properly post a question: http://tinyurl.com/2fsqqmu


Report •

#7
November 18, 2010 at 01:45:15
Choose LinkSys for that.

Report •

#8
November 18, 2010 at 07:33:40
I want to have a domain server at home and then 2 sites with PCs just switching logon and connecting straight though to the domain pulling policys down etc.

First consideration (as I see it).

This is exactly the wrong way to do this. You're going to clog up WAN links with unnecessary traffic. Put a DC in each location and let clients authenticate to it and receive policies from it. WAN links should only be used for syncronization traffic between DC's.

Also, doing this from home?!?! I'm sorry but, if these two remote sites are a business, then this should be setup in one or the other as you can't provide decent protection and bandwidth in a home environment. Do you have proper AC at home? How about UPS and power conditioning? Do you have a rack? Do you have a managed L3 switch at home?


Well I have done some VPN but not on this scale and I think they want it doing cheap!!!!

The way I've always seen it is, you have two choices:
1) Do it cheap
or
2) Do it right

Doing a job the right way means less hassles in the long run. With proper planning you leave yourself setup for growth and by employing the KISS principle, less problems troubleshooting issues that will arrise. Notice I said "will" and not "might", problems always crop up.

Once I broke it down I think it be easier but if yopu were me how would you go out it? like the setup VPN

If it were me, I'd be offering professional, mid-grade to enterprise level solutions. If they want "cheap" I'd refuse. I don't do cheap, I won't support "cheap" and, I won't even come in and fix someone elses "cheap" without charging an arm and a leg to do so. "Cheap" is just not worth the headaches and hassles IMHO

In all honesty, you'll probably find it very hard to do a mesh VPN on the cheap. I know of no SOHO level equipment that could provide reliable multipoint encrypted VPN's.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#9
November 18, 2010 at 11:48:50
Ok bit background the server is in london. There are nine sites so VPN pr remote desktop is the only way I have looked at getting BT to fiber them all together yeah right at those prices. The server seem to be a mistry no one seem to know where it is which is causing a few problems lol The PDAs are bog stand windows mobile you have a wireless connection and bluetooth Now im thinking we leave the alousive server alone as it has a lot to do as it is and build a network from the ground up and get a decent broadband connection going into the head quarters with APC ups and there im thinking of getting a 25 VPN tunnel router and linking them together humm... other idear is citrix but where ever I fo it needs to have decent broadband and I agree I need to be able to move with the times in the future

Report •

#10
November 18, 2010 at 13:15:09
I have looked at getting BT to fiber them all together yeah right at those prices.

Not worth the $$$ it would cost for dedicated fibre optic lines between sites. It's much more cost effective to go with a Business Class highspeed internet connection (either ADSL or cable) and spend the money on your VPN endpoints. Do get internet connections with as much bandwidth as you can afford. Business class should all come with static IP addresses which is also necessary to keeping your setup as simple as possible.

I don't know anything about connecting PDA's and cell phones to a network so I can't help you there.

Now im thinking we leave the alousive server alone as it has a lot to do as it is

You really need to find this bad boy. The DC is far to important a piece of this network to not know where it is. Besides, at some point you're going to need to access it to work on it so it's best you find out where it is before you go any further. Again, if you're making this into one big active directory domain, your best bet is to always put a DC in each physical location that's going to have users logging into the domain.

is and build a network from the ground up and get a decent broadband connection going into the head quarters with APC ups and there im thinking of getting a 25 VPN tunnel router and linking them together

If I'm understanding you correctly, you're talking about putting a 25 VPN tunnel device in your headquarters and then linking each remote site in to it. If that's correct, this seems to me to be the better way to do this as compared to trying to do a mesh where each location is connected directly to each other location. The multi-point in one location is easier to maintain and troubleshoot and would also be a lot more cost effective.

My last thought is, you need to get some documentation going on your network. As much as I hate doing documentation (and I do) it's saved my butt too many times to gripe (too much) about having to do it. Draw out what you have and I can promise you, it'll help you greatly in getting to where you want to go. If you have access to a program like Visio that'll allow you to do it on a computer, great. If not, draw it up by hand. I can't stress enough how important it is to document.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#11
November 30, 2010 at 08:01:07
My .02.

You can get fairly cheap CISCO ASA firewalls for SMB sites these days which are capable of handling plenty of L2L (B2B) IPsec VPN tunnels. They're also identical in terms of software to their larger enterprise brethren. CISCO has made huge strides in this area especially from the software standpoint. They are a little more expensive up front than say SonicWall, but when you get into expanding and building L2L's with other org's, CISCO is in just about every business. This can make things a little less complicated for longterm growth when bringing other sites online..

Anything VoIP related over the public internet is really a challenge. Even with QoS in place (which surprisingly no one has mentioned), you're placing a high level of trust that the public internet is going to be performing at optimum levels to handle voice calls regularly. This simply isn't the case and you're asking for real issues with anything more than a handful of users. I do some remote user VoIP sessions whereby I have users who have softphones running on their laptops and we nail up VoIP sessions to Avaya systems we manage in-house. This works 'ok', but we have invested heavily in our infrastructure. Going cheap in this area is not going to make life 'fun' for you down the road.

RDP is not necessarily a bandwidth saver. It really depends on what the users are doing. I run an environment with well over 1,000 thin client users leveraging VMware View 3.5 (uses RDP) and Terminal Services (again, RDP). This is nationally mind you and over a private MPLS. You could be setting yourself up for real issues if you don't investigate thoroughly what kind of performance your users will need and what they'll be doing before you implement something like RDP.

You're on the right track with Citrix as there are some compression advantages in this area vs. RDP. The same can be said in the latest incarnation of VMware View. Still, you're going to have to spend some cash on those licenses. It's not CHEAP by any stretch.

Finally, as someone else has mentioned. You really need to get a diagram together of your existing environment and what the new one would look like with the VPN's configured. The information up to this point is somewhat broad and not detailed enough to give you a better recommendation than what I've just typed.

Good luck to you.


Report •

Ask Question