Site To Site VPN Connection

I just got a project dropped into my lap to setup a Site to Site VPN connection. No Server involved. Currently my client has a Netopia Router that is doing DHCP and a Sonicwall Firewall in place at their HQ. They are currently setup to access the internet and receive their email from there ISP hosted email. Remote users are using Sonicwall VPN client to access their AS400. They are opening a new branch office that needs to have access to their AS400 at the Corp HQ. Branch office will consist of 6 workstations. Again No Server involved. Should I have them purchase another Sonicwall Firewall/VPN appliance? And what would be the best way to have the branch office initiate the VPN connection. Is there someway to have the Sonicwall appliance initiate the connection. If someone can supply me with a diagram would help clear up alot.
DjrobluvAsked:
Who is Participating?
 
The--CaptainConnect With a Mentor Commented:
>Should I have them purchase another Sonicwall Firewall/VPN appliance?

Unfortunately, sonicwalls seem to get along best with other sonicwalls, so I'm say the answer here would be yes (also, then they can't weasel out of tech support calls by saying "it must be the other end of the VPN connection that is giving you problems")
>Is there someway to have the Sonicwall appliance initiate the connection

Of course - just configure the VPN parameters, and it should start working...

Since I'm not sure where your router is in all this (you didn't draw me a diagram), I'm not sure if you'll have to add some static routes someplace...

Cheers,
-Jon

0
 
JConchieCommented:
We run sonicwall appliances at 6 different locations and have several other users coming in using group policy...the sonicwall software client...it all works fine.
I think the decision for you here is financial.......for only 6 users, you could just buy another bunch of vpn licenses for the sonicwall in the HQ and have each user connect via the software client........but for not much more, you could buy a tele 3 for the new branch office and setup a single vpn tunnel that lets all machine have access.....you can put them on the same subnet as the head office if you want......even hand out DHCP from the head office. Personally, I would go with the second appliance.

0
 
mrpez1Commented:
A couple things....The tele3 only allows 5 ip addresses behind it. For 6 users, you'll need an upgrade. Check out the soho3 or tz 170:

http://www.sonicwall.com/products/vpnapp.html

Also, If one of the sites has a dynamic IP address it has to initiate the VPN and the other must have a static IP. Think of it as a moving target. To be the initiator, the target must be static. You can only use aggressive mode (not main mode) in this case. If both are static, there's no problem.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.