Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How should i plan the network for small branch office with only 5 pcs???

Posted on 2010-01-09
6
Medium Priority
?
407 Views
Last Modified: 2012-05-08
Dear experts

Main Office:
Network: 192.168.189.0/24
Using:Microsoft AD, DHCP, DNS
Using: Juniper N5GT
Bandwidth: ADSL 10M download & 1M upload bps

I will need to set up the branch office with 5 PCs. I am planning to VPN both office which i will connect N5GT to SSG5.

1.Is it a good idea (with only limited bandwidth) for me to set the SSG5 (branch Office) as a DHCP agent so PCs in the branch office can be served by DHCP server in the main office????????

2. Would i be able to serve the branch office using AD, DNS, Antivirus Servers in branch Office







0
Comment
Question by:Gordon Tin
  • 3
  • 2
6 Comments
 
LVL 100

Expert Comment

by:John Hurst
ID: 26273060
You can set the branch office Netscreen to be the DHCP server for the branch. At that point, the branch office users get an IP address and can use the internet independently of head office.

Now set up a tunnel between the two Netscreen devices and then branch office users have all the services they need from the head office server.

Be sure (since you are using ADSL) that you set the MTU in the routers at 1492. Default is 1500 and is not efficient for VPN.
... Thinkpads_User
0
 
LVL 21

Accepted Solution

by:
Rick_O_Shay earned 1500 total points
ID: 26273531
It may be a question of whether or not you want to maintain 2 DHCP servers and do you want those users to get to the internet bypassing the corporate firewall, IDS, etc. I realize that the administration part isn't much with just 5 devices but can the remote VPN based DHCP server do everything you need like the main one? I am not a server guy so I don't know how much Microsoft AD relies on the local DHCP and DNS servers for things relating to the clients they are responsible for.

DHCP isn't going to consume that much bandwidth if you are relaying it through the VPN tunnel and if the PC has not gotten its IP address yet it isn't going to be sending anything to the Internet anyway.

The second part is do you want to get DNS and Internet access through the corporate structure or locally?

To your question number 2 the answer is yes.
0
 

Author Comment

by:Gordon Tin
ID: 26333794
I will set the branch office Netscreen to be the DHCP server at the beginning stage until Microsoft Server is ready to pick up the DHCP work.
I have the following questions regarding using SSG5 as DHCP server.
1.    Do i have options in netscreen to provide DHCP service only for certain IP range.
2. For example, i have trust (192.168.1.0/24) & subinterface in trust (10.0.10.0/24).
Does Netscreen-SSG5 is capable of serving both networks?
Please kindly share yr expert experience.  
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 100

Expert Comment

by:John Hurst
ID: 26334833
For question 1: Yes.
For question 2: I do not know.

The branch box provides DHCP for the branch location. The tunnel back to the main office is in the static range of both boxes. And presumably the Server at the main location will be the DHCP server for the main location.

... Thinkpads_User
0
 

Author Comment

by:Gordon Tin
ID: 26339821
Let me revise my question...............
I am NOT trying to  provide DHCP through the tunnel back to the main office.
 
2. For example, i have trust (10.10.189.0/24) & subinterface in trust (10.0.10.0/24).
Does Netscreen-SSG5 is capable of serving both networks?

Please kindly share yr expert experience. .............................  
0
 

Author Closing Comment

by:Gordon Tin
ID: 31674974
ok Links
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question