Solved

Site-To-Site VPN question - Site-To-Site VPN Tunnel and local Internet access possible?

Posted on 2008-10-10
4
268 Views
Last Modified: 2011-10-19
Hi, this is a newbie question on site-to-site VPN,

We want to link up two small offices (26 staff in one, 7 in the other) across asia and Europe.  The staff in Europe office will access the file servers in Singapore and both office uses SDSL or VDSL (4Mbps/1Mbps and 20Mbps/2Mbps).

Previously I understand several companies implemented VPN and route all Internet traffic in/out only via one site for security/firewall management.

However we want all Internet traffic to be routed locally (in/out) to local country ISP rather than traversing VPN tunnel and congesting one site.

Can site-to-site VPN tunnel allow local Internet access? or once a site-to-site VPN tunnel is establish, ALL traffic will be routed over the VPN tunnel and out through one gateway.

Many thanks
Joo
0
Comment
Question by:artradis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 6

Assisted Solution

by:DewFreak
DewFreak earned 100 total points
ID: 22692439
Each site will use it's own internet provider unless your specifically configure your networks to funnel all traffic thru the tunnel.  Depending on the gear you use will also determine this as some lower end gear does not even give you the option to force all VPN traffic.  Only the local network traffic will be routed across your VPN tunnel.
0
 
LVL 4

Accepted Solution

by:
BMPTS earned 300 total points
ID: 22692448
Yes you can route internet traffic just to the ISP, while routing the "company" traffic via VPN.

The easiest way is by destination, ie network 1 subnet, VPN'd to network 2 subnet (of course the public IP's building the tunnel) and if the destination is not one of your company networks your firewall should simply route to your ISP without encryption for internet traffic.

Just by building a good VPN tunnel with your firewalls Default external route being correct, you should be fine.

I will attach an example network diag asap
0
 
LVL 4

Assisted Solution

by:BMPTS
BMPTS earned 300 total points
ID: 22692585
Here ya go... IP's are just examples.
NetExamp-1.pdf
0
 
LVL 5

Assisted Solution

by:devangshroff
devangshroff earned 100 total points
ID: 22692797
yes do split tunuling on vpn , this will allow vpn as well as internet traffic.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Support licences 3 31
Sonicwall TZ 190 2 32
Cisco ASA VPN Client Routing 8 59
pfsense upgrade from 2.2.6 to 2.3.3 28 24
Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question