Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Two VPNs on a single connection possible?

Posted on 2009-04-04
2
Medium Priority
?
265 Views
Last Modified: 2012-05-06
I am not very familiar with networking and trying to understand our network admin and get a picture of what needs to be done in the following setup:

In the main location, we have two networks physically completely separated with two different ISPs. Each network has a firewall with a public IP (completely independent from each other).

The branch location has one cable internet connection with a modem/router combined. Behind this box are two firewalls with private IP (10.0.1.x) addresses on the WAN ports separating two networks. Firewall1 has a VPN connection established with the network1 in the main office.

I am assuming that firewall1 must be initiating the VPN connection to the main office, because it is located behing the cable/router with a private IP on the WAN port. Am i correct or are there any other options?

What I am trying to do is to establish a second VPN connection between firewall2 (also located behing the cable/router with a private IP on the WAN port) and network2 in the main office.

Can the second connection interfere with the first one in any way (except taking bandwidth)?

Our admin claims that we need to assign static IP addresses for each firewall at the branch location. Is this required? If yes, why?

Thank you for clarification.
0
Comment
Question by:sonetinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
Mechanic_Kharkov earned 1000 total points
ID: 24069732
If the main office has two separated networks 1 & 2, and both has each own VPN server with it's own external IP, then there is no need to set statically IP's in branch firewalls (VPN clients) to connect to them.
Interferences may be present if networks in the main location is not properly isolated with IP's, or if in the branch location there is complex routing rules to main office networks.
As described, firewalls 1 and 2 are the VPN clients, so it doesn't matter what addresses they have, if their servers are separated well.
Maybe there are some additional network dependencies in Your setup, and the admin only knows about them. (?)
0
 
LVL 1

Author Closing Comment

by:sonetinc
ID: 31566659
This is what I came across yesterday...

"If the Netgear FVS318 has a dynamically obtained WAN IP address, it will not be possible to set up a VPN tunnel to the SonicWALL device, due to the way the Netgear FVS318 calculates the initialization vector for phase two. This is a Netgear issue and cannot be addressed by
SonicWALL."

It seems that Netgear has some issues when one of the ends has a dynamic IP.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question