[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 421
  • Last Modified:

Multiple Remote Site VPN - Low Bandwidth


I am wondering if anyone would know a solution to the VPN dilemma I have.

We have 6 remote offices and one main office. The main office has the Servers and 3 of the remote offices connect to a terminal server at the main office using an IPSEC VPN and also use VOIP h.323 between each other using an LG Aria system. I would like to connect all of the remote offices to the main office but the problem is that it has limited bandwidth options because of it's semi-remote location. ADSL2 (getting 800k upload) is the quickest we can get without paying some ridiculous amount per month.

At the moment I am using a SnapGear SG580 at the main office with Dual ADSL2 connections one for web/email traffic and one for the VPN for the largest remote site. We then have an SG560 with one ADSL2 connection for the other 2 remote sites. We then have an SG560 with an ADSL2 connection for the VOIP.

At all 3 remote sites we have SG560's with Dual ADSL2 Connections, one for VPN one for VOIP.

I have a few problems with this setup:

1. It is a spiderweb and it's growing, I would rather have everything consolidated rather than having so many devices at the main office.
2. The SnapGear's don't have integrated ADSL modems, I have brindged ADSL modems to the Firewalls which I find to be unreliable. I have to reset modems and the SnapGear probably once every week or two at one of the locations.
3. If I add 3 more sites it will be a nightmare at the main office.

Does anyone have any suggestions without spending a bucket load or am I in utopia thinking this is possible using ADSL2.

Thanks for any help,

  • 3
  • 2
1 Solution
Vince GlissonCommented:
So how are things in Utopia?
This is a tough one, it was tough to just read about how this is all setup, you have a job on your hands. I have a few questions for you.
The remote sites - is there a server and each one. How many clients in each site?
What is the type of traffic that will be going back and forth between the main and the remote site?
I have been in your shoes before, the problem is basic physics - trying to fit 5 gallons of data down a 1 gallon pipe. The more you add the worse it will get, if you had one or 2 remote sites and the main was ASDL then we can deal with it, but if the remote sites are pushin alot of data to the main and/or back then the only solution is bandwidth.
 My opinion may change a little based on the "what type of traffic" question...
jayman7Author Commented:
HI MesaVince,

Things not to bad in Utopia :P The remote sites don't have any servers they simply use RDP to connect the Terminal Server at the main site and probably have between 10-15 concurrent connections at one time. They also print back to the remote office which takes up bandwidth and also occasionaly scan pdf files to the head office and that's about it not including the VOIP.
Vince GlissonCommented:
The bottle neck is the 10-15 RDP's coming in at the same time. Depending on how beefy your TS is i'll bet it works fairly well until they print something or scan something and if two people do it at the same time then down down down goes the response time.
If i had the money i would put in a full T1 24 channel, not sure if you could get one, and another T1 split half for voip and half for data at the main, use the full T1 for the pipe to the remote sites. I have a similar setup at work right now and it works great. T1 is about $500 a month most places not sure if this will work for you...
jayman7Author Commented:
Hi MesaVince,

Yes I would love a T1 for $500, problem is that i'm in Australia and worse still I am in Tasmania so that would not be possible.
Vince GlissonCommented:
Then i would approach your ISP there and see if they have a solution were you could get multiple dsl lines coming in and pipe then into "The Magic Box" and out the other side comes a bigger pipe, similar to load balancing a newtwork, i have done it with satilites where we took 3 of then and chained them together. So i think asking your ISP for some help would be the next step.

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now