Solved

Planning a "spread out" networking solution

Posted on 2004-09-09
12
233 Views
Last Modified: 2010-04-11
We have a facility in NC that we would like to network together.  Here are some of the road blocks we are facing.  

1)  Distance.  Some of the "remote" parts of the operation measure about 3 miles from the main office.
2)  No line of sight.  Dense forests fill the void between locations.
3)  Cost.  The network has to be reliable, but extremely cost effective.  I don't have a budgeted amount set in stone, so I cannot give that as a consideration, at this point.

Any ideas of how we can overcome this distance/no line of sight issue?  Thanks for the help.
0
Comment
Question by:dharvell
  • 6
  • 5
12 Comments
 
LVL 15

Accepted Solution

by:
Yan_west earned 250 total points
ID: 12019424
Hmm, bring an Internet connection in all of your offices, and install VPN tunnels between each location. That is how I would do it...... Depending on how reliable your connection need to be, the price you'll pay for the access can vary greatly.. From Normal DSL line, up to a FULL T1 with a Uptime agreement.

How to do this? Buy 3 PIX firewall, and connect them all to the central location using a permanent VPN tunnel. Depending on the size of the offices, you can chose a PIX 501, 506, 515, 525, 535..
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/
0
 

Author Comment

by:dharvell
ID: 12019839
Thanks for the feedback, Yan.  The firewall we would be using is the SonicWall TZ170 (as that is standard for our company).  The TZ170 does have VPN capability.  To expand on your idea, would it be possible to have VPN tunnels back to the main NC office and then, in turn, have a VPN tunnle from the main NC office to the headquarters office in MI?  That's our ultimate goal.
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 12019905
I don't know really know anything about sonicwall products.. But I know that with a PIX, you could create multiple tunnel, between any location you want. Here, we have 20 remote office connected to Us, and some of these offices connect to each other..
0
 

Author Comment

by:dharvell
ID: 12019975
I'll consult my SonicWall expert and see if he knows if this is possible, or not.  We have an IS Dept who H A T E S change... including switching products. :)  If it is not possible with a SonicWall, then my arguement for the PIX will be that it will save us nearly $1500 per month, by getting rid of the point-to-point circuit we currently have from NC to MI.  That'll raise a response... Thanks again.
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 12020062
If you can configure multiple tunnel on your sonicwall, then you will be able to do it without any problem..
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 12020079
SOME firewall/VPN products have had issues with trying to route traffic that comes in from one tunnel, back out through another.  Don't know about your particular make/model, but it seems to me that a proxy at the central NC site would be enough to get around that issue IF it surfaces.

0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 15

Expert Comment

by:Yan_west
ID: 12020095
SonicWall TZ170

Site-to-Site VPN Policies
2 with 10 node TZ 170
10 with 25 node TZ 170
10 with Unrestricted node TZ 170
3DES and AES Performance: 30+ Mbps
0
 

Author Comment

by:dharvell
ID: 12020099
Thanks, PennGwyn.  I'll keep that in mind.
0
 

Author Comment

by:dharvell
ID: 12020299
Yan... I JUST saw that on the sonicwall web site.  We have the unrestricted node license...
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 12020370
It means each device can have up to 10 tunnels.... Ok in your situation I guess..   What kind of traffic is going to go through this?  I would check it... Will this firewall accept the kind of load you are going to give it?
0
 

Author Comment

by:dharvell
ID: 12020723
Yan... it should.  The big portion of the traffic will be pure text - no graphics, documents, etc.  Off hours, we'll probably do virus definition pushes, and file backups.  Nobody will be on the system when the backups and definition pushes are being done.
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 12020774
You should be ok then ;)
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Join & Write a Comment

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now