[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

VPN - 2 Linksys Routers

Posted on 2005-04-25
21
Medium Priority
?
282 Views
Last Modified: 2013-11-09
I am in Central PA and we are expanding to North Carolina.  We are a distrubution company which uses wireless scanners to ship & receive.  The company does not want to spend alot on connectivity and thus wanted to use our existing internet connect (cable 1mb/512k) and an internet connect down in NC (the same speed) and to create a VPN.

We have a couple Linksys BEFSX41 Cable/VPN Routers that I was going to use.  I saw Linksys's page about how to connect them two to create a VPN. Which is here:  http://www.linksys.com/support/top10faqs/BEFSX41/Setting%20up%20a%20VPN%20tunnel%20between%20two%20BEFSX41%20routers.asp

I have a couple of questions:

1)  In that link they talk about having each router on two different subnets.  Our wireless scanners grab an IP address from the DHCP server.  I want it to grab an IP from the DHCP Server here in PA.  I'm not planning on putting a server in NC yet.  Can this be done since they will be on two different subnets?  

2)  Do I need a DHCP Server in NC?

3)  Will both locations still be able to reach the internet?  

4)  As they add people in the next year or so we will go with a higher bandwidth.  The President of the corp. mentioned to me he read where some store outlets are using satelitte at high speeds to connect many of their offices together.  I don't know what companies offer this and what the costs are.  Right now they don't want to spend the money for T-1s for a point to point.

0
Comment
Question by:K-9
  • 7
  • 6
  • 4
  • +1
18 Comments
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 13858202
1)  Yes, it could grab an IP address from your existing DHCP server, however the DHCP server will need to have another subnet available for IP distribution (that of the remote office) and also have an IP address in this range to be able to repsond to these requests.

2) Not necessarily.  Having said this, the BEFSX41 contains it's own DHCP server, so you could use this as the DHCP server in NC (which'll probably be easier really).

3)  Yes, the VPN is in addition to internet access.  Data for the remote network will be routed via the VPN, internet traffic will be routed as normal.

4)  Not sure what this question is?!
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13858308
1) You must have two different subnets - one in PA and one in NC
VPN tunnel will not forward the DHCP requests, nor be a DHCP relay
2) The Router itself will be the DHCP server in NC. No need to buy anything more complicated than that
3) no problem
4) as for connectivity, I assume that you're looking at DSL or cable now. Anything like satellite will come with its own modem, just like dsl and cable do, and likely hand off Ethernet to you. As long as you get an Ethernet feed, your meager investment in the Linksys will serve you well into the future. If and when you expand to the point that you think you need point-to-point T1's, then you'll have to look at replacing them with something capable of working with T1's, like Cisco or Adtran.

Just remember that using the Internet as your backbone long-haul, you have zero guarantee of connectivity between the sites, zero Quality of Service assurance, etc, etc..
0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 13858368
I stand corrected on point 1, lrmoore's comment is entirely right.  Thanks for picking me up on that!
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 79

Expert Comment

by:lrmoore
ID: 13858414
Teamwork, my friend...
0
 

Author Comment

by:K-9
ID: 13858553
Thank you for your help so far.  The program that "connects" these wireless scanners (symbol 6846) is called Wavelink.  Even if these scanners are given a different ip subnet address it'll still work with the network up here in PA?

For example, my internal network in PA is 10.10.10.x, I would then create a network in NC of 10.10.20.x

I create the VPN connection and have my DHCP Server in PA hand out IP addresses to both 10.10.10.x and 10.10.20.x  The scanners in NC would get an IP address such as 10.10.20.40.  Would the communication from these scanners in NC then reach us in PA since they are on different subnets?
0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 13858651
If the scanners were set to send their data to an IP address on the PA network, then the traffic would automatically be routed by the Linksys to that IP address.  Basically, any traffic received by the NC router for subnet 10.10.10.x would be sent to PA.

How is Wavelink configured to upload it's data?  Do you manually enter an IP address into the software?  If this is the case, then it should work fine with no modification - the routers will send the data to the correct subnet.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 13858654
>my internal network in PA is 10.10.10.x, I would then create a network in NC of 10.10.20.x
Correct

>I create the VPN connection and have my DHCP Server in PA hand out IP addresses to both 10.10.10.x and 10.10.20.x  
Not correct. The DHCP server in PA will not hand out IP address for NC. Rather the router in NC will hand out 10.10.20.x addresses

>The scanners in NC would get an IP address such as 10.10.20.40.
Correct, using the NC router as the DHCP server

>Would the communication from these scanners in NC then reach us in PA since they are on different subnets?
That's something you need to discuss with the Wavelink application vendor. Maybe it will, maybe it won't....

0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 13858739
Sorry, didn't notice that DHCP comment.  Ugh!

I have dealt with wireless scanners before (widely used in car auctions).  My comment does stand so long as the software is communicating using standard TCP/IP and is sending data to a specific IP address (in which case the location is transparent to it so long as the routing is correct).  However, these are two assumptions that should be taken up with the application vendor as advised.

On the basis that I don't appear to be reading things correctly right now, I think it's time for a cup of tea and a break...
0
 

Author Comment

by:K-9
ID: 13858941
Thanks for your help.  I contacted our vendor and waiting for their reply.  If it doesn't work, then what are my other options?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13859207
If the product only works via broadcast traffic, then one of your only options would be a p2p T1 and bridge the connection so that you have same IP subnet on both sides, all broadcasts from both sides traverse the T1..
0
 
LVL 3

Expert Comment

by:mtpcbypc
ID: 13864433
Just an asside.  I have had fun (sarcasm) with Linksys dropping connections, needing regular resets etc.  Is this going to be a business critical environment or can you deal with a reset once in a while.  If you can't I would look at little better class of gear.  The comments above still stand by lrmoore and purplepomegranite no matter what VPN routing solution you get. I just have to question the Linksys choice for business.  I'd point you toward a Watchguard, 3com or Sonicwall if you job is on the line.
0
 

Author Comment

by:K-9
ID: 13865871
I have linksys wireless routers in our warehouses and even in -10 degree weather they held up pretty good.  We lost one and had to do maybe 2 resets this year.  The cable router never had to be reset.  If I were to go with another brand what models would be good?

Still haven't heard back from the vendor in reguards to the scanners.  I saw south bell has their own VPN structure, would this be in my interest at all?  

What do you guys think places such as kmart, subway, grocery stories, etc.. use to interconnect their offices?  I would think having T-1s at each location would be very expensive.  I'm just curious in that regard.  
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13865918
I've seen many chains use Frame Relay with fractional T1's at their stores, sometimes 56k DDS frame-relay.
The new MPLS offerings from major telcos are pretty compelling, but expensive right now.
Satellite is another often-used, often-replaced data link.
Cable and DSL broadband have really opened up possibilities. MCI can route DSL lines direct to frame-relay ports at HQ.. I'm sure other providers can, too.
0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 13868071
I have had problems with routers/switches from all the cheaper manufacturerers at some point, but have also seen set-ups where they have been solid for years without a reset.  Your experience with Linksys sounds pretty good really, and my experience with their products is similar.  I personally would stick with them unless there was an overwhelming need to install business critical systems (in which case you'd really be looking at Cisco, in my book).  Mind you, Linksys is Cisco now anyway...
0
 

Author Comment

by:K-9
ID: 13884547
This is what I got from my vendor regarding the scanning:  

Your VPN connection will essentially make the other network an extension of the current one. You will need to make sure that the VPN equipment will pass traffic on the port you set the monitor on. Other than that you should work just fine.

I just got another BEFSX41 and trying to set it up with VPN.  No connection yet, but I think I am close.
0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 13887161
Sounds like the scanners use standard TCP/IP then, so you should have no problem using them over the VPN.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 14396921
Original questions were asked and answered.
At least PAQ it.. with no refund..

0
 
LVL 24

Expert Comment

by:purplepomegranite
ID: 14396964
I agree, the question has been answered.  And lrmoore should get the points in my view... I tried but he needed to correct me on a couple of points!!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question