Adding a second router for VPN traffic - where does it "fit" in the network design?

Hi all,

We have a very simple network setup:

PCs (192.168.1.x/24)
-> Unmanaged LAN Switch
-> Cisco ADSL 1800 Router (192.168.1.1)
-> Internets

We have been running VPN through the router, but we just don't have enough bandwidth for all services. So, we're going to get an 877 to replace the 1800 (i.e. the new 192.168.1.1) and we'll use the 1800 to terminate VPN traffic.

I've never added a second router to a site before, so I'm not 100% sure how to set it all up.

Would I simply set the 1800 up as, say, 192.168.1.2 so both routers are on the same subnet, keep 192.168.1.1 as the default gateway for the LAN, and set up static routes on the Servers / Clients that need to communicate to a VPN network using 192.168.1.2 as the gateway?

Is it that simple?
slamitAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

batry_boyCommented:
>>Is it that simple?

Almost.  Configuring the second router with 192.168.1.2 as its internal interface is fine, but for the routing you would have a couple of options:

1.  Leave all of your internal devices set to 192.168.1.1 as their default gateway and then put in a static route on the 192.168.1.1 router that points traffic to the VPN client addresses over to the 192.168.1.2 router, or

2.  Configure the internal devices that need to talk to the VPN clients with a static route pointing that traffic to the 192.168.1.2 router.

Option 1 causes your current 192.168.1.1 router to process more traffic, but option 2 is more administration on your part since you will have to identify those devices and manually configure the static routes.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
slamitAuthor Commented:
Sweet, thanks for that batry_boy, much appreciated.

I might go for option 2, it should only be a couple of Servers that need the static route set up... I think!

Thanks very much!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.