Solved

Site To Site VPN Connection

Posted on 2004-03-30
3
2,370 Views
Last Modified: 2013-11-16
I just got a project dropped into my lap to setup a Site to Site VPN connection. No Server involved. Currently my client has a Netopia Router that is doing DHCP and a Sonicwall Firewall in place at their HQ. They are currently setup to access the internet and receive their email from there ISP hosted email. Remote users are using Sonicwall VPN client to access their AS400. They are opening a new branch office that needs to have access to their AS400 at the Corp HQ. Branch office will consist of 6 workstations. Again No Server involved. Should I have them purchase another Sonicwall Firewall/VPN appliance? And what would be the best way to have the branch office initiate the VPN connection. Is there someway to have the Sonicwall appliance initiate the connection. If someone can supply me with a diagram would help clear up alot.
0
Comment
Question by:Djrobluv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 18

Expert Comment

by:JConchie
ID: 10718037
We run sonicwall appliances at 6 different locations and have several other users coming in using group policy...the sonicwall software client...it all works fine.
I think the decision for you here is financial.......for only 6 users, you could just buy another bunch of vpn licenses for the sonicwall in the HQ and have each user connect via the software client........but for not much more, you could buy a tele 3 for the new branch office and setup a single vpn tunnel that lets all machine have access.....you can put them on the same subnet as the head office if you want......even hand out DHCP from the head office. Personally, I would go with the second appliance.

0
 
LVL 16

Accepted Solution

by:
The--Captain earned 250 total points
ID: 10718038
>Should I have them purchase another Sonicwall Firewall/VPN appliance?

Unfortunately, sonicwalls seem to get along best with other sonicwalls, so I'm say the answer here would be yes (also, then they can't weasel out of tech support calls by saying "it must be the other end of the VPN connection that is giving you problems")
>Is there someway to have the Sonicwall appliance initiate the connection

Of course - just configure the VPN parameters, and it should start working...

Since I'm not sure where your router is in all this (you didn't draw me a diagram), I'm not sure if you'll have to add some static routes someplace...

Cheers,
-Jon

0
 
LVL 5

Expert Comment

by:mrpez1
ID: 10719067
A couple things....The tele3 only allows 5 ip addresses behind it. For 6 users, you'll need an upgrade. Check out the soho3 or tz 170:

http://www.sonicwall.com/products/vpnapp.html

Also, If one of the sites has a dynamic IP address it has to initiate the VPN and the other must have a static IP. Think of it as a moving target. To be the initiator, the target must be static. You can only use aggressive mode (not main mode) in this case. If both are static, there's no problem.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question