Posted: 4/2/2012 7:20:21 AM EDT
|
One thing I've never experimented with is setting up VPNs. I've been helping out a local business with some IT work and they are planning on opening a second office about 70 miles away and want to be able to link the two office networks together. Is this something I could set up fairly easily? If the routers support it can I set them up to establish a VPN connection and then magically users on one end can see the others? Or will we need to set up another device in front of or behind each router? Each office will only have 5-10 users and their own business class DSL line. The biggest requirement is for the users at the remote site to be able to access the NAS I set up at the office here.
Edit: just found this link: http://www.dd-wrt.com/wiki/index.php/OpenVPN_-_Site-to-Site_Bridged_VPN_Between_Two_Routers Will something like this work? I've been running dd-wrt on my home router for the past few years so I have some experience with it. |
|
You definitely want to do a point to point but I couldn't give you commands since I don't know the routers. I'm a cisco guy.
The protocols should work across different vendors as long as the router models are capable of doing VPNs. What is the router model at the other location? I guess I'm not sure why you posted the link, are you going to replace both devices and put dd-wrt on them? Personally I'd purchase a business class router with the proper capabilities but if cost is an issue you could probably go that route. ETA: Just did a search for that model and realized it's a DSL modem. I'm probably not going to be much help since I haven't dealt with dd-wrt or used consumer based products for business applications. |
|
Quoted:
You definitely want to do a point to point but I couldn't give you commands since I don't know the routers. I'm a cisco guy. The protocols should work across different vendors as long as the router models are capable of doing VPNs. What is the router model at the other location? I guess I'm not sure why you posted the link, are you going to replace both devices and put dd-wrt on them? Personally I'd purchase a business class router with the proper capabilities but if cost is an issue you could probably go that route. The remote office isn't set up yet. It won't be for another month or two I think. I was mostly wondering if the process described in the links is what I should be looking for, whether it's using dd-wrt or another device. Will all the computers on the network at location A be able to directly see all the computers at location B without each one having to "VPN in" to the other network? |
|
Quoted:
ETA: Just did a search for that model and realized it's a DSL modem. I'm probably not going to be much help since I haven't dealt with dd-wrt or used consumer based products for business applications. Yeah I had forgotten it's a combination DSL modem and router. It doesn't look like it has any support for any kind of VPN. I will either have to replace it with something else or only use the modem portion and connect it to another router with VPN capability. |
|
Quoted:
Quoted:
You definitely want to do a point to point but I couldn't give you commands since I don't know the routers. I'm a cisco guy. The protocols should work across different vendors as long as the router models are capable of doing VPNs. What is the router model at the other location? I guess I'm not sure why you posted the link, are you going to replace both devices and put dd-wrt on them? Personally I'd purchase a business class router with the proper capabilities but if cost is an issue you could probably go that route. The remote office isn't set up yet. It won't be for another month or two I think. I was mostly wondering if the process described in the links is what I should be looking for, whether it's using dd-wrt or another device. Will all the computers on the network at location A be able to directly see all the computers at location B without each one having to "VPN in" to the other network? At a brief glance I would say it's not what you should be looking for, but if using that product it may be the way you do it. With site-to-site VPNs, you don't really have a server router or client router. Check out Cisco's 800 series routers. They have DSL routers with VPN capabilities. No idea what your price range is but you should be able to find something in the $4-600 range depending on options and where you get it. http://www.cisco.com/en/US/products/hw/routers/ps380/prod_models_home.html |
|
Quoted:
Quoted:
Quoted:
You definitely want to do a point to point but I couldn't give you commands since I don't know the routers. I'm a cisco guy. The protocols should work across different vendors as long as the router models are capable of doing VPNs. What is the router model at the other location? I guess I'm not sure why you posted the link, are you going to replace both devices and put dd-wrt on them? Personally I'd purchase a business class router with the proper capabilities but if cost is an issue you could probably go that route. The remote office isn't set up yet. It won't be for another month or two I think. I was mostly wondering if the process described in the links is what I should be looking for, whether it's using dd-wrt or another device. Will all the computers on the network at location A be able to directly see all the computers at location B without each one having to "VPN in" to the other network? At a brief glance I would say it's not what you should be looking for, but if using that product it may be the way you do it. With site-to-site VPNs, you don't really have a server router or client router. Check out Cisco's 800 series routers. They have DSL routers with VPN capabilities. No idea what your price range is but you should be able to find something in the $4-600 range depending on options and where you get it. http://www.cisco.com/en/US/products/hw/routers/ps380/prod_models_home.html Thanks I'll look into those. I really need to find out what all they are going to want to do. It sounds like file sharing and instant messaging and possibly video conferencing between the two sites are in the works and it may be best to get something now that can handle future needs as well. |
|
There's most likely a turn-key appliance based solution that you can set up... place a device on each end, configure how they need to talk, go home happy.
It all depends on how much you're willing to spend. You could do something like a firewall at the main site and a VPN concentrator at the satellite site... then put a rule in the firewall to allow access... |
|
The Cisco RV110W/120/220 models look good on paper but wow the reviews are terrible for all of them. I think a lot of them are from people using them at home and not really knowing what they are doing, but also lots of buggy firmware reports.
RV082 looks even better and gets rid of the wireless which we won't really need, but once again the reviews are terrible. Do you have to spend $400 to get something decent from cisco? The search continues |
|
Quoted:
The Cisco RV110W/120/220 models look good on paper but wow the reviews are terrible for all of them. I think a lot of them are from people using them at home and not really knowing what they are doing, but also lots of buggy firmware reports. RV082 looks even better and gets rid of the wireless which we won't really need, but once again the reviews are terrible. Do you have to spend $400 to get something decent from cisco? The search continues Anything decent is going to run you a bit of money. |
|
Quoted:
Quoted:
The Cisco RV110W/120/220 models look good on paper but wow the reviews are terrible for all of them. I think a lot of them are from people using them at home and not really knowing what they are doing, but also lots of buggy firmware reports. RV082 looks even better and gets rid of the wireless which we won't really need, but once again the reviews are terrible. Do you have to spend $400 to get something decent from cisco? The search continues Anything decent is going to run you a bit of money. Even for something that only needs to support ~8 users on each end? The good cisco stuff seems more geared toward thousands of users |
|
Quoted:
Quoted:
Quoted:
The Cisco RV110W/120/220 models look good on paper but wow the reviews are terrible for all of them. I think a lot of them are from people using them at home and not really knowing what they are doing, but also lots of buggy firmware reports. RV082 looks even better and gets rid of the wireless which we won't really need, but once again the reviews are terrible. Do you have to spend $400 to get something decent from cisco? The search continues Anything decent is going to run you a bit of money. Even for something that only needs to support ~8 users on each end? The good cisco stuff seems more geared toward thousands of users They have stuff marketed toward smaller branch offices and stuff, but I'm not familiar with the gear. Any business class gear is going to run a few bucks. You can't expect to buy a $100 device designed for home use and have the features you need for a business. |
|
Quoted:
Quoted:
Quoted:
Quoted:
The Cisco RV110W/120/220 models look good on paper but wow the reviews are terrible for all of them. I think a lot of them are from people using them at home and not really knowing what they are doing, but also lots of buggy firmware reports. RV082 looks even better and gets rid of the wireless which we won't really need, but once again the reviews are terrible. Do you have to spend $400 to get something decent from cisco? The search continues Anything decent is going to run you a bit of money. Even for something that only needs to support ~8 users on each end? The good cisco stuff seems more geared toward thousands of users They have stuff marketed toward smaller branch offices and stuff, but I'm not familiar with the gear. Any business class gear is going to run a few bucks. You can't expect to buy a $100 device designed for home use and have the features you need for a business. The numbers I posted above are from their small business line and run between $100 and $200 but they all have HORRIBLE reviews |
|
Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
The Cisco RV110W/120/220 models look good on paper but wow the reviews are terrible for all of them. I think a lot of them are from people using them at home and not really knowing what they are doing, but also lots of buggy firmware reports. RV082 looks even better and gets rid of the wireless which we won't really need, but once again the reviews are terrible. Do you have to spend $400 to get something decent from cisco? The search continues Anything decent is going to run you a bit of money. Even for something that only needs to support ~8 users on each end? The good cisco stuff seems more geared toward thousands of users They have stuff marketed toward smaller branch offices and stuff, but I'm not familiar with the gear. Any business class gear is going to run a few bucks. You can't expect to buy a $100 device designed for home use and have the features you need for a business. The numbers I posted above are from their small business line and run between $100 and $200 but they all have HORRIBLE reviews I would recommend the 400-600 range. Just depends on what features are important to you. ETA: I've heard good things about the 877 but it's end of life. Look the 800 series, not sure which one is the exact replacement bu there should be some good stuff in that series. Could still probably get a few of that model but you won't be able to get support from Cisco if it's needed. |
|
Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
The Cisco RV110W/120/220 models look good on paper but wow the reviews are terrible for all of them. I think a lot of them are from people using them at home and not really knowing what they are doing, but also lots of buggy firmware reports. RV082 looks even better and gets rid of the wireless which we won't really need, but once again the reviews are terrible. Do you have to spend $400 to get something decent from cisco? The search continues Anything decent is going to run you a bit of money. Even for something that only needs to support ~8 users on each end? The good cisco stuff seems more geared toward thousands of users They have stuff marketed toward smaller branch offices and stuff, but I'm not familiar with the gear. Any business class gear is going to run a few bucks. You can't expect to buy a $100 device designed for home use and have the features you need for a business. The numbers I posted above are from their small business line and run between $100 and $200 but they all have HORRIBLE reviews I would recommend the 400-600 range. Just depends on what features are important to you. ETA: I've heard good things about the 877 but it's end of life. Look the 800 series, not sure which one is the exact replacement bu there should be some good stuff in that series. Could still probably get a few of that model but you won't be able to get support from Cisco if it's needed. I had a customer that was wanting to get rid of their client VPN and transition to a site-to-site tunnel. They had purchased an RV082 model to connect back to their HQ (which was a Cisco). Was fairly easy to get them to set up in a lab scenario, had it talking using dynamic VPN from the RV082 side over to a cisco 871 with no real issues in about 10 minutes or so. One thing to take into account is no matter which model this is easiest if both sides are using static IPs. It appears to be possible from a quick search that someone had success setting up a tunnel between two dynamic IPs using Rv042 but I do not know if a Cisco will support it. The scenario I had required the remote side (dynamic IP) to initiate traffic over to the HQ to initially build the tunnel, after that traffic could freely pass. I agree with paadams, if they can afford Cisco 800 series or similar I would go that route just for reliability sake. You may also consider some pre-owned equipment as well from a reputable dealer. |
|
Is this a business-critical acquisition? If not, is legacy equipment an option? A PIX 525, 3030 VPN Concentrator, or 3725/3745 with an encryption accelerator could be purchased for peanuts, and they're drop-dead reliable. I'd take a five-year old 525 or 3745 over a "small business class" product any day of the week, in terms of reliability. |
|
Quoted:
Is this a business-critical acquisition? If not, is legacy equipment an option? A PIX 525, 3030 VPN Concentrator, or 3725/3745 with an encryption accelerator could be purchased for peanuts, and they're drop-dead reliable. I'd take a five-year old 525 or 3745 over a "small business class" product any day of the week, in terms of reliability. I will look into those. Thanks! |
|
What are they planning on doing over this link? If they (or you) think you are going to hook up some DSL lines and share files across the network you are going to be disappointed. File shares are slow at 10 megabit speeds (internet connection here) which costs thousands of dollars a month. Even hosting the mail server in one office and connecting from the other will be a problem. Make sure you are not biting off more than you can chew on this. If you are not getting paid, you are going to hate mentioning it. If you are getting paid, they are going to lean on you to "fix" a problem that cannot be fixed. |
|
Quoted:
What are they planning on doing over this link? If they (or you) think you are going to hook up some DSL lines and share files across the network you are going to be disappointed. File shares are slow at 10 megabit speeds (internet connection here) which costs thousands of dollars a month. Even hosting the mail server in one office and connecting from the other will be a problem. Make sure you are not biting off more than you can chew on this. If you are not getting paid, you are going to hate mentioning it. If you are getting paid, they are going to lean on you to "fix" a problem that cannot be fixed. Well I assume they are going to want to share some documents but so far they haven't used the NAS I set up except for 2 secretaries working on a quickbooks file that I moved over to it. Luckily they don't have enough licenses for anyone at the other office to be able to use quickbooks so I don't have to worry about that nightmare. They are also going to want to be able to video chat and instant message between the two offices. So far that's all I know about. |
Submitted an offer on ebay and the seller accepted. If they end up not working out I shouldn't have any problem reselling them