?
Solved

Site To Site VPN Connection

Posted on 2004-03-30
3
Medium Priority
?
2,374 Views
Last Modified: 2013-11-16
I just got a project dropped into my lap to setup a Site to Site VPN connection. No Server involved. Currently my client has a Netopia Router that is doing DHCP and a Sonicwall Firewall in place at their HQ. They are currently setup to access the internet and receive their email from there ISP hosted email. Remote users are using Sonicwall VPN client to access their AS400. They are opening a new branch office that needs to have access to their AS400 at the Corp HQ. Branch office will consist of 6 workstations. Again No Server involved. Should I have them purchase another Sonicwall Firewall/VPN appliance? And what would be the best way to have the branch office initiate the VPN connection. Is there someway to have the Sonicwall appliance initiate the connection. If someone can supply me with a diagram would help clear up alot.
0
Comment
Question by:Djrobluv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 18

Expert Comment

by:JConchie
ID: 10718037
We run sonicwall appliances at 6 different locations and have several other users coming in using group policy...the sonicwall software client...it all works fine.
I think the decision for you here is financial.......for only 6 users, you could just buy another bunch of vpn licenses for the sonicwall in the HQ and have each user connect via the software client........but for not much more, you could buy a tele 3 for the new branch office and setup a single vpn tunnel that lets all machine have access.....you can put them on the same subnet as the head office if you want......even hand out DHCP from the head office. Personally, I would go with the second appliance.

0
 
LVL 16

Accepted Solution

by:
The--Captain earned 750 total points
ID: 10718038
>Should I have them purchase another Sonicwall Firewall/VPN appliance?

Unfortunately, sonicwalls seem to get along best with other sonicwalls, so I'm say the answer here would be yes (also, then they can't weasel out of tech support calls by saying "it must be the other end of the VPN connection that is giving you problems")
>Is there someway to have the Sonicwall appliance initiate the connection

Of course - just configure the VPN parameters, and it should start working...

Since I'm not sure where your router is in all this (you didn't draw me a diagram), I'm not sure if you'll have to add some static routes someplace...

Cheers,
-Jon

0
 
LVL 5

Expert Comment

by:mrpez1
ID: 10719067
A couple things....The tele3 only allows 5 ip addresses behind it. For 6 users, you'll need an upgrade. Check out the soho3 or tz 170:

http://www.sonicwall.com/products/vpnapp.html

Also, If one of the sites has a dynamic IP address it has to initiate the VPN and the other must have a static IP. Think of it as a moving target. To be the initiator, the target must be static. You can only use aggressive mode (not main mode) in this case. If both are static, there's no problem.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question