VPN ideas for a very small office linked to a small-medium sized office.

Posted on 2005-04-07
Last Modified: 2010-03-18
 I work in IT at a manufacturing company, and we have a corporate office which is located several miles from our manufacturing plant.  Both locations have offices, though the plant only has 3 computers.  The corporate office has 10-15 computers.  This is the current setup:

Corporate Office:
Windows 2000 Domain, domain name Corporate.ClarionBathware.Local
Uplink is a frac T1 (8 pairs)
All domain clients running Windows XP, with the exception of one Linux box used as an IDS.

                                                      |                  /    \
                                      [DOMAIN SERVER]  [IDS]    [WIRELESS ACCESS POINT]
Windows 2000 Domain, domain name Corporate.ClarionBathware.Local (same domain name, so that laptop users could traverse between facilities and make moving between domain servers seem transparent)
Uplink is a dial-up 56k modem, moving towards a speedier Wi-Fi solution; no other cost-effective internet service in the area.
All domain clients running Windows XP.

                                                      |                                       |
                                       [DOMAIN SERVER]             [Linux box serving as dial-up router (freesco)]

Neither of the Linksys routers is a model offering SoHo VPN capabilities, and we are aggressively seeking a cost-effective VPN solution.  The VPN solution would have to involve file/printer sharing between the two offices, and hopefully would allow for creating ODBC (TCP) connections as well.  My personal knowledge lends more to programming than it does towards network design, and I was hoping somebody would be willing to post various ways to implement a VPN, as well as the approximate costs involved in each method.  Thank you.
Question by:WKalata
    LVL 14

    Accepted Solution

    So ... you have two domains both with the same name?  Or one domain that doesn't replicate between DCs?  If the former, and you intend to connect these two networks together via a VPN tunnel, you're going to have no end of problems unless you migrate all the AD info from one domain to the other, take the "migration source" domain down and add a remote DC to the "migration destination" domain at the other site.  Considering that the plant only has three computers, you could conceivably have them authenticate over the yet-to-be-built VPN without any consequences, provided the connection is stable enough.

    I don't know cost off the top of my head, but I know that SonicWall routers have a simple site-to-site VPN config wizard.  The VPN tunnel would exist between the two SonicWall devices, invisible to clients behind either one.
    LVL 6

    Expert Comment

    Why not use Windows VPN? It's free with Windows 2000, and the clients are already installed on XP. If you have your domain up and running, with current patches, it's like a 30-minute install.

    LVL 2

    Author Comment

    Are there any transparent solutions less expensive than SonicWall's? Most of those were claiming 3000-6000 IPsec tunnels, but with three computers, I'm guessing even 50-100 would be overkill.
    LVL 14

    Expert Comment

    The SonicWall TZ150 supports two site-to-site VPNs, and CDW retails it for US$314.  You'd need two.
    LVL 14

    Expert Comment

    I'm still very curious to know whether you have one "severed" domain or two domains with the same name.
    LVL 2

    Author Comment

    Two domains with the same name.  It's actually worked for us without any hiccups.
