Solved

how to setup vpn on separate router and isp

Posted on 2009-06-26
3
377 Views
Last Modified: 2013-12-25
Currently we have a network-A(192.168.1.x) with MS Exchange 2003 server, SQL server and DNS/DHCP/File server connected via a Watchguard Edge router to ISP-A.
We are setting up another office with a network to be connected by VPN to the main office.
My router supports VPN, but we would prefer to use a second ISP-B with a different router to establish the connection to our main office. This way we do not disturb the current setup which is working perfectly.

Can someone point me to the best way to set this up?
I have 2 network cards in the servers but we only use 1 at the moment.
Maybe I could use this one to setup a network-B(i.e. 192.168.2.x), but I don't know if I will get a conflict and if one side of the network will see the printer on the other.

Thanks for your help.
0
Comment
Question by:BroadSurf62
  • 2
3 Comments
 
LVL 3

Expert Comment

by:theklap
ID: 24726349
Do the following.

Set the remote office subnet to 192.168.2.0/24
then set up the VPN back to main offices ISP-B router
in your watchdog router add a route for
destination 192.168.2.0/24 to go through your ISP-B's VPN device that is on you main offices subnet as say 192.168.1.2.

The easiest would be just to use the ISP and router you have.  And if it too slow then pay for more bandwidth through ISP-A.

Or you can ask your ISP if they can do an IP-VPN for you across their network, maybe even an MPLS type cloud so you can get some QoS etc, and not go across the unpredictable latency of the public internet.
0
 

Author Comment

by:BroadSurf62
ID: 24727306
thanks for your input.
My current provider cannot provide ip-vpn but the second one offered us  a "local loop". So if we get the point to point connection between the 2 offices without internet, I could setup just as you described?
Will I need to add routes in the router for office-B too.
0
 
LVL 3

Accepted Solution

by:
theklap earned 500 total points
ID: 24728709
In office B you want all traffic to go across the point to point link, I am assuming you want office-B to have internet as well from Office-A ISP-A internet connection.
So in Office B router you want to set up the default route to go across the link to the point-to-point router in Office A.  This will get us to Office A for all traffic not serviced by office B.

From here you need to setup some routes in the point-to-point router from ISP-B at Office A.
a route that traffic going to 192.168.2.0/24 goes back to office B point-to-point router
and a default route that goes to 192.168.1.1 for the internet

In ISP-A watchdog router you need a route saying traffic destined for 192.168.2.0/24 goes to 192.168.1.2(or Office-A ISP-B point-to-point router IP).

Will the ISP provide the point-to-point routers?
If so you can just tell them how you are set-up and how you want things to work, they should be able to setup all the point-to point routing for you.  And then you just need to add the route in your watchdog.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WatchGuard T50 - Internet Priority Based on VLAN or User 1 44
Claiming a Domain Name 7 52
Nimble Storage 3 103
Trouble enabling network for Hyper-V client 10 44
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question