Adding VPN to Office Network

Our main office is looking to add VPN to our network setup so that a remote office in another city can access some of our database files.  Our current network is connected to WAN via a DLS router.  We then have a 4 port D-Link router/firewall/print server that then connects to a couple hubs for our workstation computers.
We really enjoy the print server function of our current router and have no reason to replace anything we currently have.  However, we'd like to add VPN to the setup.
What would be the best solution to add VPN to our network and where in the chain would it go?

       WAN
          |
     DSL Router
          |
    4 port D-Link router
     |
  HUBS
     |
  workstations


We are currently looking at the D-Link DFL-80 which is a 4 port Ethernet VPN Firewall.
Would this work if placed between the DSL Router and the 4 port D-Link Router?
borleymsgsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

drev001Commented:
Can you tell a bit more about the IP setup here. How many public IP's do you have and what devices perform NAT?
0
borleymsgsAuthor Commented:
We are a small company currently using Win 98 P2P networking--no dedicated server.  We do have 5 static IP's, but am using only 1 at the moment.  We have no special devices for NAT--it is done through the existing software/hardware as diagrammed.  
0
borleymsgsAuthor Commented:
I noticed that I did not have the points as I as I intended.
0
drev001Commented:
If you have 5 IP's, the DSL router will be doing the NAT. The 4 port Dlink router confuses things slightly. Is it there purely to provide print services and extra hub ports or is it set up as a router also? If it's routing, and you're sure you're only using 1 IP then there's a double NAT setup here which is bound to confuse any VPN implementation. Could your clarify this?

Here's how I would set it up:

Internet
|
|
DSL Router - IP: 200.200.200.201 (No NAT)
|
|
VPN\Firewall Device - WAN IP: 200.200.200.202 LAN IP: 192.168.100.1 (NAT)
|
|
Print server, hubs etc.
|
|
Workstations

(Note: 200.200.200.x are made up public IP's. You'll use two out of your 5 assigned IP's with a subnet mask of 255.255.255.248)

The VPN should be a straight forward IPSEC tunnel with identical hardware at both ends. I've used SNAPGear VPN\Firewalls successfully for this kind of setup: http://www.snapgear.com
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
borleymsgsAuthor Commented:
I am finally getting back to my VPN project.  As you can notice, I am not extremely knowledgeable about networking, especially WAN's.  Anyway, the DSL router is a Cisco 675 merely used to get DSL into the office.  And the D-Link router is used mainly to provide a firewall for the LAN, although it also is used for print services for one printer.  I doubt if this makes any difference in your recommendation, but thought I at least respond to your question.  Thank you for your input.  If you have any further thoughts, I will appreciate receiving them.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.