G
Guest
Guest
Archived from groups: comp.dcom.vpn (More info?)
I need some advice on a vpn setup we're thinking of implementing.
My questions are at the bottom of this post.
Here's the scenario:
We have 3 offices and 2 remote users that need access to the 3 offices.
The 3 offices need to be connected on a seemless vpn with at least one
of the office's routers set up to facilitate remote users. Each of the
offices are currently connected to the Internet using business
(highspeed) dsl lines. The routers need to handle all the vpning
between offices so it appears that the 3 offices are just one seemless
LAN. (we're going to be mapping drives between offices) When a remote
user connects to any of the three offices they will have get assigned an
ip in that office's range. (example: If Office A has an ip range of
192.168.0.2-192.168.0.49, it will assign the remote user an available ip
in that range or possibly an ip from a small portion of that range
reserved for only remot users. After the remote user has connected he
will be able to access the 3 office vpn'd "lan".
Here's my idea for implementing this...
Replace the current routers at each office location with a Netgear
FVS318 or comparable. (http://www.netgear.com/products/details/FVS318.php)
Setup the router at Office A to have an internal IP of 192.168.0.1
Setup machines at Office A to have ips in the range of
192.168.0.2-192.168.0.49 and the Internet gateway set as 192.168.0.1
Setup the router at Office B to have an internal IP of 192.168.0.51
Setup the machines at Office B to have ips in the range of
192.168.0.52-192.168.0.99 and an Internet gateway address of 192.168.0.51
Setup the router at Office C to have an internal IP of 192.168.0.101
Setup the machines at Office C to have ips in the range of
192.168.0.102-192.168.0.149 and an Internet gateway address of 192.168.0.101
Summary:
Office A
Router IP:192.168.0.1
Machine's Ips: 192.168.0.2-192.168.0.49
Office B
Router IP:192.168.0.51
Machine's Ips: 192.168.0.52-192.168.0.99
Office C
Router IP:192.168.0.101
Machine's Ips: 192.168.0.102-192.168.0.149
Now for connecting them.
There are 2 way's to do this. Office B and C can connect to A. The only
problem I see with this is that files getting transfered between Office
B and C would get routed through A.
Would it work for each router to connect to the other 2? example:
Router A creates tunnels to B and C. Router B creates tunnels to A and
C. Router C creates tunnels to A and C.
If this setup is possible it has the advantage of being relatively "fail
safe" -if Office A's connection goes down, Offices B and C can still be
connected.
The remote users will be running Netgear's vpn client software and
connecting to office A----the remote users part is not important right
now, it can be worked out later.
Ok. Congrats on reading this far! =) Here's my question: Do you see any
potential problems with this setup? Can the Netgear Fvs318 routers do
this? Any comments or tips would be GREATLY appreciated.
Thanks for reading!
-RedRyder
I need some advice on a vpn setup we're thinking of implementing.
My questions are at the bottom of this post.
Here's the scenario:
We have 3 offices and 2 remote users that need access to the 3 offices.
The 3 offices need to be connected on a seemless vpn with at least one
of the office's routers set up to facilitate remote users. Each of the
offices are currently connected to the Internet using business
(highspeed) dsl lines. The routers need to handle all the vpning
between offices so it appears that the 3 offices are just one seemless
LAN. (we're going to be mapping drives between offices) When a remote
user connects to any of the three offices they will have get assigned an
ip in that office's range. (example: If Office A has an ip range of
192.168.0.2-192.168.0.49, it will assign the remote user an available ip
in that range or possibly an ip from a small portion of that range
reserved for only remot users. After the remote user has connected he
will be able to access the 3 office vpn'd "lan".
Here's my idea for implementing this...
Replace the current routers at each office location with a Netgear
FVS318 or comparable. (http://www.netgear.com/products/details/FVS318.php)
Setup the router at Office A to have an internal IP of 192.168.0.1
Setup machines at Office A to have ips in the range of
192.168.0.2-192.168.0.49 and the Internet gateway set as 192.168.0.1
Setup the router at Office B to have an internal IP of 192.168.0.51
Setup the machines at Office B to have ips in the range of
192.168.0.52-192.168.0.99 and an Internet gateway address of 192.168.0.51
Setup the router at Office C to have an internal IP of 192.168.0.101
Setup the machines at Office C to have ips in the range of
192.168.0.102-192.168.0.149 and an Internet gateway address of 192.168.0.101
Summary:
Office A
Router IP:192.168.0.1
Machine's Ips: 192.168.0.2-192.168.0.49
Office B
Router IP:192.168.0.51
Machine's Ips: 192.168.0.52-192.168.0.99
Office C
Router IP:192.168.0.101
Machine's Ips: 192.168.0.102-192.168.0.149
Now for connecting them.
There are 2 way's to do this. Office B and C can connect to A. The only
problem I see with this is that files getting transfered between Office
B and C would get routed through A.
Would it work for each router to connect to the other 2? example:
Router A creates tunnels to B and C. Router B creates tunnels to A and
C. Router C creates tunnels to A and C.
If this setup is possible it has the advantage of being relatively "fail
safe" -if Office A's connection goes down, Offices B and C can still be
connected.
The remote users will be running Netgear's vpn client software and
connecting to office A----the remote users part is not important right
now, it can be worked out later.
Ok. Congrats on reading this far! =) Here's my question: Do you see any
potential problems with this setup? Can the Netgear Fvs318 routers do
this? Any comments or tips would be GREATLY appreciated.
Thanks for reading!
-RedRyder