Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 457
  • Last Modified:

Point to Point Connection with remote site.

Hello Experts:

I have a remote site that is using a DSL line and we here at the corporate office have a 3 meg t-1 line.  I need to funnel all the internet traffic from the remote site into the corporate site so they can be monitored while using the internet.  What do I need (hardware)  to set up a point-to-point connection so that their traffic is routed to us?  For the corporate office, I am looking to replace my SG-5 juniper router with a Palo Alto Firewall.

Thanks
0
huntersp3
Asked:
huntersp3
3 Solutions
 
Matt VCommented:
You just need a small branch office router at the other end and setup an IPSec VPN tunnel back to home office.  Make the branch router use the main office as it's default route.
0
 
SysExpertCommented:
Well your Juniper could handle this by adding a small netscreen ( NS 5 GT 20x or similar ) at the remote with a VPN tunnel to the office for all Internet traffic.

May also work with any router that can handle a VPN tunnel ( most can )

I hope this helps !
0
 
agaskill707Commented:
Any firewall that can do IPSec should do fine.  You can set up an IPSec tunnel where the far end of the tunnel (as the remote side sees it, to the corporate side it would be the near end) is the default network (0.0.0.0/0), which will make all internet traffic come through the IPSec tunnel to the corporate office and then go out the connection there.  Different firewalls might have their own nomenclature for such a tunnel configuration, but fundamentally that's what it is.  Two things to be aware of: 1) Internet access from the remote office will be using double the bandwidth at the corporate office, once to come in from the internet and once to go out to the remote site.  Of course T1s are full duplex, so they can potentially download at 3Mbit, it's just that it will be saturating both inbound and outbound bandwidth at corporate.  2) Some firewalls need special configuration instructions to allow VPN traffic coming in the external interface to be routed back out that same external interface.  In Cisco it's "same-security-traffic permit intra-interface" (or "inter-interface", depending on the setup).  I don't know about the Palo Alto firewall, it might not need any special configuration.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now