Network Question

Hi All,

Still trying to decide about joining. I need some help with a networking situation. Here's the challenging situation.

Two physical Locations
Two Networks 10.26.173.XXX and 10.250.28.XXX
Each location has their own Internet Gateway ( using FortiGATE 60 Firewalls for gateways)
DeltaCOM has a P2P T-1 between the two locations
Both locations have their own WAN Static IP that is assigned to the FortiGATE 60's
All traffic is open going out ..nothing coming in...except http

I want to put SBS 2003 on the 10.26.173.XXX location and use DHCP

I want both locations to be authenticated thru SBS and use Exchange for mail.

Should I create a site to site VPN between the FortiGATES? OR is there a better way thru deltacom T-1 routers to accomplish this.
I ask this question to a DeltaCOM tech and he did not know.....was going to call me back and I never heard from him.
Any suggestions on VPN Appliances for the most speed.
FreshmanGuruAsked:
Who is Participating?
 
edster9999Connect With a Mentor Commented:
You assign DHCP locally for each subnet.  The router or gateway then has a route to the other network. and it points out to either the VPN address or to the route over the T1
0
 
edster9999Commented:
This can work either way.

In theory the T1 link will be faster but more expensive.  

If you do not want to pay for the leased line you can send it via the internet as long as you encrypt it via VPN.

Both will work - maybe you should do some speed tests
0
 
FreshmanGuruAuthor Commented:
thanks Edster...but something is still missing from the equation.

How can DHCP work? It will only assign IP's to match the SBS Server which is on the 10.26.173.xxx

How does the 10.250.28.xxx computers reach the server?
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
FreshmanGuruAuthor Commented:
thanks
0
 
Rich RumbleSecurity SamuraiCommented:
Cisco has the IP-Helper setting, which relay's DHCP requests to the DHCP server, and then back. It's also called the UDP helper
http://en.wikipedia.org/wiki/UDP_Helper_Address
Fortigate looks to have something similar:
http://kc.forticare.com/default.asp?SID=&Lang=1&id=800
I do not think it's available in the 60 however.

Windows servers can also do this too...
http://technet.microsoft.com/en-us/library/cc781416.aspx
http://support.microsoft.com/kb/232703
-rich
0
 
edster9999Commented:
That can be done but if you have two subnets then you are better to have 2 dhcp servers (for a network this size).  
If the link goes down you can still boot up the pcs.
and it makes it nice and simple
0
 
Rich RumbleSecurity SamuraiCommented:
Good point, and some switches, wifi's, and routers can do the DHCP, and it's practically a set it and forget it.
-rich
0
 
FreshmanGuruAuthor Commented:
I may not have to do anything with the P2P T-1 in place. I am going out today and try to ping the 10.26.173.xxx from a computer on the 10.250.28.xxx network. If there is a static route in place this should be doable..right?
0
 
edster9999Commented:
as long as there are routes in place in both directions and the line does not have filtering or firewalling to stop this sort of traffic.

Test it with ping and traceroute

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.