• Status: Solved
  • Priority: Medium
  • Security: Public

VPS between 2 State

We have 2 offices in New York City, and we are opening one more office in LA. In our NYC offices we use Soho 6.0 and we have a VPS network, so our managers can go to each computer using Windows Remote Desktop. Is it possible to do this with our LA office? Do they need to get Soho 6.0 to do that? Or will any firewall do? Please advise step by step since I'm not a networking person.
1 Solution
Yes, you would set up an IPsec VPN between your main office and the LA office.

You basically set up another tunnel/gateway on your main firewall to reflect the public IP and the local network of the LA office.

Configure DNS on the main firewall to route DNS from both VPN tunnels (to both remote offices) back to your main network (DNS server). When you configure the VPN, you should enable the "Any" service (which allows all ports to be forwarded/accessed). This means that on both sides of the VPN, the data can reach any port/destination.

This is assuming you have a Firebox Firewall as your "main" firewall hosting the VPN sessions.

shahedny (Author) commented:
Do we need a FireFOx firewall in both locations?
Ideally, it should be something like this:

                MAIN OFFICE (MAIN DNS/FILE/DHCP SERVER)
                 FIREBOX II, III or X series firewalls
                      |                     |
                    VPN1                  VPN2
                      |                     |
                   SOHO 6                SOHO 6
                      |                     |
               Internal network      Internal network
                at NY office 1         at LA office

You need something to "route the VPN traffic" when you have more than 1 VPN tunnel.


Yep, you're correct, but you can use just a spoke configuration to route between offices...

NYC1 -
NYC2 -
LA1 -

Have NYC2 and LA1 VPN into NYC1 as you suggested.


Have LA1 VPN to NYC2

What that will do is create a redundant connection.

So my humble suggestion is for you to install 2 data lines per office, the point being you want to use two different carriers for each line, and get 2 VPN firewalls for each office (NYC1 should have a T1, BTW, just for reliability). With this configuration, if a line goes down, each office will still be able to connect with the others.

To route the traffic, it's not that bad; just add static routes into the VPN firewalls for each location.

You can also use Biljax's configuration with one change if you can't get management to go the redundant route. Just add another VPN connection/route from NYC2 to LA1 so that traffic from NYC2 doesn't have to go from NYC2 to NYC1 to LA1; it will be routed from NYC2 to LA1 and skip the middle man, so to speak.

Okay those are my suggestions...

Oh, your question :) heheh

Yes, you will need at least one VPN-enabled firewall at each location along with a data connection; the amount of data between locations will determine the size of connection you need.
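
An added example, not part of the original thread: a small planning script for the three-office layout discussed above. It checks that the office LANs do not overlap, lists the tunnels for hub-and-spoke with or without the extra NYC2-to-LA1 link, derives the static routes each firewall needs, and builds a Remote Desktop-only rule set (TCP 3389) as a narrower alternative to the "Any" service. The subnets, the choice of NYC1 as the managers' LAN and all function names are assumptions made for illustration; DNS or file-server traffic would need rules of its own.

```python
from ipaddress import ip_network
from itertools import combinations

# Constructed sample addressing: the thread gives no subnets, so these are assumptions.
SITES = {
    "NYC1": ip_network("10.1.0.0/24"),
    "NYC2": ip_network("10.2.0.0/24"),
    "LA1": ip_network("10.3.0.0/24"),
}
HUB = "NYC1"  # main office hosting the VPN tunnels

def overlapping(sites):
    """Site pairs whose LANs overlap; such pairs cannot be routed over a tunnel."""
    return [(a, b) for a, b in combinations(sorted(sites), 2)
            if sites[a].overlaps(sites[b])]

def tunnels(sites, hub, direct=()):
    """Hub-and-spoke tunnels plus any extra direct spoke-to-spoke tunnels."""
    links = {frozenset((hub, s)) for s in sites if s != hub}
    links |= {frozenset(pair) for pair in direct}
    return links

def static_routes(sites, hub, direct=()):
    """Per firewall: remote LAN -> tunnel peer that traffic is sent to."""
    links = tunnels(sites, hub, direct)
    table = {}
    for src in sites:
        table[src] = {}
        for dst, net in sites.items():
            if dst == src:
                continue
            # Use a direct tunnel if one exists, otherwise go via the hub.
            peer = dst if frozenset((src, dst)) in links else hub
            table[src][str(net)] = peer
    return table

def rdp_rules(sites, managers):
    """Narrow alternative to "Any": TCP 3389 from the managers' LAN only."""
    src = sites[managers]
    return [(str(src), str(net), "tcp", 3389)
            for name, net in sites.items() if name != managers]

if __name__ == "__main__":
    assert not overlapping(SITES)
    extra = [("NYC2", "LA1")]  # the direct link suggested in the last comment
    for site, routes in static_routes(SITES, HUB, direct=extra).items():
        print(site, routes)
    print(rdp_rules(SITES, "NYC1"))
```
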


