1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: VPN Equipment for Branch Loaction

Discussion in 'Networking' started by somethingunreal, Oct 11, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. somethingunreal

    somethingunreal Thread Starter

    Joined:
    Nov 21, 2012
    Messages:
    56
    Hey guys

    Our company has a few branches located in the Midwest. One of the branches has a bad connection through the local ISP and they seem to lose it a lot.

    They were considering getting a cable back up connection because right now they use a telephone based DSL.

    I was wondering what kind of equipment do I need to make a VPN tunnel, that way I dont need to VPN each individual computer. If someone is a PRO in VPN please do let me know what is all required ie router, switch etc to have like a VPN box to avoid VPNing individual computers and the VPN will run over the cable internet backup.
     
  2. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,941
    What level of speed/service are you subscribing to with the cable provider? You need to take into account that the upload speed with VPN connectivity is every bit as important as download. What type of traffic and data load will you be pushing through the VPN tunnel? This will dictate the minimum speed you need. How far apart are the end points of the VPN and have you done a latency test? Will both locations for the VPN tunnel have a public static IP?

    What you need at both ends of the locations where the VPN tunnel is to be set up are either a router or firewall with VPN capability. You'll need to set up a site to site tunnel.
     
  3. somethingunreal

    somethingunreal Thread Starter

    Joined:
    Nov 21, 2012
    Messages:
    56
    It will be a static IP, the 3mg upload and about 15 down. Have not done a latency test but the branch will be VPNing to our Corporate office from Eldorato, Kansas to Des Moines wich is 363miles. This is also for approx 20 users at the branch location.
     
  4. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,941
    There are a myriad of products out there which you can use for this. You'll want a VPN capable firewall or router. The products I have first hand experience with are SonicWall, Cisco, Juniper, Watchguard, and Netgear. Your budget and features outside of the VPN capability will dictate your choice. I would say the Netgear FVS338 is a decent VPN router which you can use for this. I had one working on my home network for years until I replaced it with a Juniper SRX210 and eventually with a SonicWall TZ215.

    Some configuration talking points. You need to ensure the branch and the main office locations do NOT use the same IP subnet (ie both sites should not use for example 192.168.0.0/24). While there is a work around to a situation like this, it's complicated and will require a higher grade network appliance to accomplish a work around. Also, make sure you configure the encryption settings for the VPN for ESP and to at least 3DES for the phase 2 settings AES 256 being the best. For the phase 1, you want to set up exchange to be Main mode with the DH group at 2 and the authentication to be SHA-1. If there is a setting for encryption algorithm for phase 1, set this also to the highest encryption setting matching the phase 2 setting of 3DES or AES 256.
     
  5. CodeLexicon

    CodeLexicon

    Joined:
    Oct 15, 2013
    Messages:
    503
    There are some step by step VPN set-up guides for many router models on http://vpncasestudy.com/ - you'll just need to get a log in from the site admin for downloading the guides. I used that when I was using the Netgear FVS336Gv2.
     
  6. srhoades

    srhoades

    Joined:
    May 15, 2003
    Messages:
    2,298
    I use Sonicwalls for site to site tunnels. Their VPN wizard makes it pretty brainless to set up.
     
  7. somethingunreal

    somethingunreal Thread Starter

    Joined:
    Nov 21, 2012
    Messages:
    56
    Hey thanks everyone for all your input, very valuable information! Helped me solve my problem!
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1110495

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice