Solved

Configaring ASTARO 8.0 SITE TO SITE IPSec VPN

Posted on 2011-03-11
16
968 Views
Last Modified: 2012-05-11
BroadBand Router with Port forwarding Function
Router with static Exernal IP 115.223.115.123 / Local IP 10.0.20.100

ASTARO PC IP 10.0.20.1

I have 10 clients that needs to connect to my server. Client OS Linux / Windows

I need help to configure and setup ASTARO 8.0

Appriciate your support.

Thanks and Regards
Imran
0
Comment
Question by:isheriff82
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 8
16 Comments
 
LVL 70

Expert Comment

by:Qlemo
ID: 35106997
The usuage of "Site to Site" and clients is confusing - do you need to connet 10 individual, mobile clients or a branch with 10 clients?
Are you using IPSec or (Open)SSL VPN?
0
 

Author Comment

by:isheriff82
ID: 35107325
no i need to used ipsec with astaro, i am new to astaro and ipsec, i need to know how to configure astaro vpn with ip sec, branch with 10 clients.

thx
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35107656
Is the branch using another Astaro or IPSec capable hardware to connect to the HQ?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:isheriff82
ID: 35114460
yes all the other offices and branches use windows 7 / 2003 and lunux
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35115754
That doesn't answer my question.

Do you want a single VPN connection used by all machines at one location, or each client as a separate VPN? The former requires another VPN hardware in each branch, the latter a client on each machine (and a lot of available connections on the Astaro).
0
 

Author Comment

by:isheriff82
ID: 35115974
a single one! i have the main office running astaro, i need my brancers to connec to.local office network!

imran
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35115991
Then you need a VPN device on each branch. You can trick some VPN clients into acting as a router, but that is only to use if you do not have no other choice.
Do you have that device? If yes, it is another Astaro?

Summary of what we know yet:
* HQ has Astaro 8.0
* branches should use site-2-site IPSec tunnel
0
 

Author Comment

by:isheriff82
ID: 35122796
Ok what if i need all clients/branches to connect.to.the headiffice only!?
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35124320
You are not clear. You are talking about 10 clients in one branch first, now there are many branches!?

But even if there are multiple branches - that does not change anything. Whether the branches need to communicate directly or via the HQ, however, is something completely different.
You need a VPN device in each branch. That's it. Only if there is one, maybe two clients only in each branch a client VPN might be better.
0
 

Author Comment

by:isheriff82
ID: 35130653
all i need is from multiple locations to connect to my office network! securely!
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35130799
I gave you the answer several times now.
0
 

Author Comment

by:isheriff82
ID: 35135255
ok thx, but isnt there a easyer way!
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35135634
Easier to use or easier to set up?
Since I have not seen how the Astaro IPSec works yet, I only know the SSL VPN part (which is OpenVPN), I cannot tell. But in general you only have the choice between using a client on each machine you want connect from, or a device managing the connection and acting as a router.

With the details you gave that is all we can tell, sorry.
0
 

Author Comment

by:isheriff82
ID: 35150220
i just need all computer in 10 or less locations to be able to connect to my astaro 8.0 box/pc

is it possible, it should be be cause i have done the normal vpn pptp with windows servers

imran
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 35151566
Which part of my answer you did not understand? It should be pretty clear now it is feasible, but a question of preference and existing hardware.
0
 

Author Closing Comment

by:isheriff82
ID: 35221833
not quite, what i needed to know! but will do!
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question