normsrv
asked on
How to configure/route two DSL connections?
I am suffering from a slow Internet connection. It is being brought on by a new Internet training program that our company is using that is delivered as streaming video. I have investigated different alternatives. Before I start spending money I want some external input on what I’m thinking. As well, I am open to other thoughts for possible solutions. Last, if the path I’m headed down is a good one, I need to know the specifics of what settings need to be set/changed on which devices to accomplish the intended goal.
Please realize I am a business owner and handle 99% of my network work. However, I have no formal training. As long as the jargon doesn’t get to complex I can accomplish just about anything with the excellent assistance I receive on this forum.
I have a small network spread across two stores. At store one I have the following equipment: a server running SBS 2003 and Exchange, an Altigen VoIP server, 4 workstations running XP Pro, and my Internet connection with a Watchguard firewall and my Internet connection. It is a 10.0.0.0 255.0.0.0 subnet.
At store two I have the following equipment: a server running: Server 2003, 7 workstations, 6 VoIP phones. It is a 192.168.10.0 255.255.255.0 subnet.
The two offices are connected via a dedicated PTP T-1 with Adtran (3200 & 3205) routers at both ends.
The current Internet connection is AT&T (formerly SBC). It is 1.5 Mbps down and 384 kbps up. When I spoke with AT&T they told me that due to the distance from the CO, I have the fastest that is available.
At store two, I can get 6.0 Mbps down and 768 kbps up from AT&T. However, the current (slower) connection has a TRUE fixed IP and never goes down. It is grandfathered in regarding the fixed IP, as long as I keep it. You can no longer get a true fixed IP address from AT&T. They charge you for a fixed IP then give you a “sticky IP” that connects with PPPoE. I have that service at my house so that I can use the branch office VPN feature on my Watchguard firewalls to connect to the network. On that connection, the “Sticky IP” unsticks at least twice a day. It is very frustrating.
I tried contacting Covad because they have real fixed IP addresses. However, store two is only 1000’ from a remote terminal and Covad can’t access that remote terminal. Therefore, they show the location being 11,000 feet from the CO and can’t offer anything faster than my current connection at store one.
My proposed plan is to add the 6.0 Mbps connection at store two with a dynamic IP (to save costs). Then, I want to accomplish my branch office VPN and Exchange server connections across the slower connection with the true fixed IP. I want all of the browsing to be accomplished via the faster connection at store 2.
I am having a little difficulty figuring out if this is possible. And, if it is, how do I point the appropriate equipment in the correct direction to use the desired connections.
All input is greatly appreciated.
Please realize I am a business owner and handle 99% of my network work. However, I have no formal training. As long as the jargon doesn’t get to complex I can accomplish just about anything with the excellent assistance I receive on this forum.
I have a small network spread across two stores. At store one I have the following equipment: a server running SBS 2003 and Exchange, an Altigen VoIP server, 4 workstations running XP Pro, and my Internet connection with a Watchguard firewall and my Internet connection. It is a 10.0.0.0 255.0.0.0 subnet.
At store two I have the following equipment: a server running: Server 2003, 7 workstations, 6 VoIP phones. It is a 192.168.10.0 255.255.255.0 subnet.
The two offices are connected via a dedicated PTP T-1 with Adtran (3200 & 3205) routers at both ends.
The current Internet connection is AT&T (formerly SBC). It is 1.5 Mbps down and 384 kbps up. When I spoke with AT&T they told me that due to the distance from the CO, I have the fastest that is available.
At store two, I can get 6.0 Mbps down and 768 kbps up from AT&T. However, the current (slower) connection has a TRUE fixed IP and never goes down. It is grandfathered in regarding the fixed IP, as long as I keep it. You can no longer get a true fixed IP address from AT&T. They charge you for a fixed IP then give you a “sticky IP” that connects with PPPoE. I have that service at my house so that I can use the branch office VPN feature on my Watchguard firewalls to connect to the network. On that connection, the “Sticky IP” unsticks at least twice a day. It is very frustrating.
I tried contacting Covad because they have real fixed IP addresses. However, store two is only 1000’ from a remote terminal and Covad can’t access that remote terminal. Therefore, they show the location being 11,000 feet from the CO and can’t offer anything faster than my current connection at store one.
My proposed plan is to add the 6.0 Mbps connection at store two with a dynamic IP (to save costs). Then, I want to accomplish my branch office VPN and Exchange server connections across the slower connection with the true fixed IP. I want all of the browsing to be accomplished via the faster connection at store 2.
I am having a little difficulty figuring out if this is possible. And, if it is, how do I point the appropriate equipment in the correct direction to use the desired connections.
All input is greatly appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
There are a couple thousand of the training videos and the method of deployment is proprietary so saving them really isn't an option. Plus, we really have outgrown the 1.5 Mbps DSL connection for just normal browsing. We can have up to 10 workstations browsing at once.
I have a WG Firebox X Edge functioning as my network firewall on the current DSL connection and also accomplishing my Branch Office VPN with another X Edge at my house (home office). I dug around and found my WG SOHO that I would likely use as a firewall for the new connection.
I don't completely grasp your Proxy layout though it is a great diagram. I'm also guessing that would require a new learning curve for me. Not that I mind learning a new trick. I would just need to better understand what exactly it will do for me before investing the time to figure it out.
Not going with a proxy, my real concern is just what you touched on -- how will Exchange handle all of this. Can I set the SBS machine's default gateway to my current WG's address and set my workstation's at store A with a default gateway as the Adtran handling the PTP T-1? Then have the Adtran look accross the T-1 to the new DSL connection rather than to the current WG device as it does now? And, also have all of the workstations at store B look to the new DSL connection for their default gateway? What about the server at store B? Does it need to look to the old connection of the new one for it's default gateway?
Staying with my concept I don't have to learn anything new and I understand what I'm doing -- uh, for the most part.
I have a WG Firebox X Edge functioning as my network firewall on the current DSL connection and also accomplishing my Branch Office VPN with another X Edge at my house (home office). I dug around and found my WG SOHO that I would likely use as a firewall for the new connection.
I don't completely grasp your Proxy layout though it is a great diagram. I'm also guessing that would require a new learning curve for me. Not that I mind learning a new trick. I would just need to better understand what exactly it will do for me before investing the time to figure it out.
Not going with a proxy, my real concern is just what you touched on -- how will Exchange handle all of this. Can I set the SBS machine's default gateway to my current WG's address and set my workstation's at store A with a default gateway as the Adtran handling the PTP T-1? Then have the Adtran look accross the T-1 to the new DSL connection rather than to the current WG device as it does now? And, also have all of the workstations at store B look to the new DSL connection for their default gateway? What about the server at store B? Does it need to look to the old connection of the new one for it's default gateway?
Staying with my concept I don't have to learn anything new and I understand what I'm doing -- uh, for the most part.
Hmmmm.. that should work - obviously, you might need to think about firewalling the other connection if you are going to potentially push other traffic than just HTTP down the new wire.
The Default Gateway setting merely tells the PC where to send packets it can't send directly (in the same subnet) so your plan would certainly work (where exchange has def gateway of the old connection). There is one caveat there.. if the PCs in the shop with two connections need to talk across the VPN - depending on whether the subnets are the same in both stores - there is a chance they would be unable to...
The proxy server is merely a box that sits between your web requests and the net/firewall - this has the added advantage that you will reduce your net bandwidth requirements even more - requests for the same object by multpile users (eg graphics and sometimes - but not always videos) will come from the cache and not from the net - improving performance. Not too hard to set up once you've got your head around the config files. This way means you are not upsetting your network setup at all - simply handling web traffic sererately....
The Default Gateway setting merely tells the PC where to send packets it can't send directly (in the same subnet) so your plan would certainly work (where exchange has def gateway of the old connection). There is one caveat there.. if the PCs in the shop with two connections need to talk across the VPN - depending on whether the subnets are the same in both stores - there is a chance they would be unable to...
The proxy server is merely a box that sits between your web requests and the net/firewall - this has the added advantage that you will reduce your net bandwidth requirements even more - requests for the same object by multpile users (eg graphics and sometimes - but not always videos) will come from the cache and not from the net - improving performance. Not too hard to set up once you've got your head around the config files. This way means you are not upsetting your network setup at all - simply handling web traffic sererately....
ASKER
I went and looked at the Squid product. It looks like a time vacuum to me. I love a new challenge, but I already have several of those waiting for me. On this one I'm most interested in quick results.
I am going to order up the second DSL line and leave this question open rather than asking a bunch of questions that I think I know the anser to, but I'm not completely sure of. Then, once I get the new connection going, I will bring the actual issues back. If it all goes well, I will close this out and award the points.
I am going to order up the second DSL line and leave this question open rather than asking a bunch of questions that I think I know the anser to, but I'm not completely sure of. Then, once I get the new connection going, I will bring the actual issues back. If it all goes well, I will close this out and award the points.
ASKER
After a few tweaks to the routes in the PTP Adtran units and the WG units, everthing is working good.
1. download the streaming video as a "SAVE AS" -- i.e. right click on the video link and SAVE AS a file name to the server.
2. Now make a link to that saved video on the server.
3. Send everyone in the office an email with a link to the training video on the server.
4. Problem solved.