?
Solved

Network Question

Posted on 2008-11-17
9
Medium Priority
?
229 Views
Last Modified: 2013-12-12
Hi All,

Still trying to decide about joining. I need some help with a networking situation. Here's the challenging situation.

Two physical Locations
Two Networks 10.26.173.XXX and 10.250.28.XXX
Each location has their own Internet Gateway ( using FortiGATE 60 Firewalls for gateways)
DeltaCOM has a P2P T-1 between the two locations
Both locations have their own WAN Static IP that is assigned to the FortiGATE 60's
All traffic is open going out ..nothing coming in...except http

I want to put SBS 2003 on the 10.26.173.XXX location and use DHCP

I want both locations to be authenticated thru SBS and use Exchange for mail.

Should I create a site to site VPN between the FortiGATES? OR is there a better way thru deltacom T-1 routers to accomplish this.
I ask this question to a DeltaCOM tech and he did not know.....was going to call me back and I never heard from him.
Any suggestions on VPN Appliances for the most speed.
0
Comment
Question by:FreshmanGuru
  • 4
  • 3
  • 2
9 Comments
 
LVL 20

Expert Comment

by:edster9999
ID: 22981478
This can work either way.

In theory the T1 link will be faster but more expensive.  

If you do not want to pay for the leased line you can send it via the internet as long as you encrypt it via VPN.

Both will work - maybe you should do some speed tests
0
 

Author Comment

by:FreshmanGuru
ID: 22981719
thanks Edster...but something is still missing from the equation.

How can DHCP work? It will only assign IP's to match the SBS Server which is on the 10.26.173.xxx

How does the 10.250.28.xxx computers reach the server?
0
 
LVL 20

Accepted Solution

by:
edster9999 earned 1500 total points
ID: 22981761
You assign DHCP locally for each subnet.  The router or gateway then has a route to the other network. and it points out to either the VPN address or to the route over the T1
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 

Author Comment

by:FreshmanGuru
ID: 22981946
thanks
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 22982008
Cisco has the IP-Helper setting, which relay's DHCP requests to the DHCP server, and then back. It's also called the UDP helper
http://en.wikipedia.org/wiki/UDP_Helper_Address
Fortigate looks to have something similar:
http://kc.forticare.com/default.asp?SID=&Lang=1&id=800
I do not think it's available in the 60 however.

Windows servers can also do this too...
http://technet.microsoft.com/en-us/library/cc781416.aspx
http://support.microsoft.com/kb/232703
-rich
0
 
LVL 20

Expert Comment

by:edster9999
ID: 22982066
That can be done but if you have two subnets then you are better to have 2 dhcp servers (for a network this size).  
If the link goes down you can still boot up the pcs.
and it makes it nice and simple
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 22982111
Good point, and some switches, wifi's, and routers can do the DHCP, and it's practically a set it and forget it.
-rich
0
 

Author Comment

by:FreshmanGuru
ID: 22984873
I may not have to do anything with the P2P T-1 in place. I am going out today and try to ping the 10.26.173.xxx from a computer on the 10.250.28.xxx network. If there is a static route in place this should be doable..right?
0
 
LVL 20

Expert Comment

by:edster9999
ID: 22984904
as long as there are routes in place in both directions and the line does not have filtering or firewalling to stop this sort of traffic.

Test it with ping and traceroute

0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Is your computer hacked? learn how to detect and delete malware in your PC
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question