Solved

Configaring ASTARO 8.0 SITE TO SITE IPSec VPN

Posted on 2011-03-11
16
952 Views
Last Modified: 2012-05-11
BroadBand Router with Port forwarding Function
Router with static Exernal IP 115.223.115.123 / Local IP 10.0.20.100

ASTARO PC IP 10.0.20.1

I have 10 clients that needs to connect to my server. Client OS Linux / Windows

I need help to configure and setup ASTARO 8.0

Appriciate your support.

Thanks and Regards
Imran
0
Comment
Question by:isheriff82
  • 8
  • 8
16 Comments
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
The usuage of "Site to Site" and clients is confusing - do you need to connet 10 individual, mobile clients or a branch with 10 clients?
Are you using IPSec or (Open)SSL VPN?
0
 

Author Comment

by:isheriff82
Comment Utility
no i need to used ipsec with astaro, i am new to astaro and ipsec, i need to know how to configure astaro vpn with ip sec, branch with 10 clients.

thx
0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
Is the branch using another Astaro or IPSec capable hardware to connect to the HQ?
0
 

Author Comment

by:isheriff82
Comment Utility
yes all the other offices and branches use windows 7 / 2003 and lunux
0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
That doesn't answer my question.

Do you want a single VPN connection used by all machines at one location, or each client as a separate VPN? The former requires another VPN hardware in each branch, the latter a client on each machine (and a lot of available connections on the Astaro).
0
 

Author Comment

by:isheriff82
Comment Utility
a single one! i have the main office running astaro, i need my brancers to connec to.local office network!

imran
0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
Then you need a VPN device on each branch. You can trick some VPN clients into acting as a router, but that is only to use if you do not have no other choice.
Do you have that device? If yes, it is another Astaro?

Summary of what we know yet:
* HQ has Astaro 8.0
* branches should use site-2-site IPSec tunnel
0
 

Author Comment

by:isheriff82
Comment Utility
Ok what if i need all clients/branches to connect.to.the headiffice only!?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
You are not clear. You are talking about 10 clients in one branch first, now there are many branches!?

But even if there are multiple branches - that does not change anything. Whether the branches need to communicate directly or via the HQ, however, is something completely different.
You need a VPN device in each branch. That's it. Only if there is one, maybe two clients only in each branch a client VPN might be better.
0
 

Author Comment

by:isheriff82
Comment Utility
all i need is from multiple locations to connect to my office network! securely!
0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
I gave you the answer several times now.
0
 

Author Comment

by:isheriff82
Comment Utility
ok thx, but isnt there a easyer way!
0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
Easier to use or easier to set up?
Since I have not seen how the Astaro IPSec works yet, I only know the SSL VPN part (which is OpenVPN), I cannot tell. But in general you only have the choice between using a client on each machine you want connect from, or a device managing the connection and acting as a router.

With the details you gave that is all we can tell, sorry.
0
 

Author Comment

by:isheriff82
Comment Utility
i just need all computer in 10 or less locations to be able to connect to my astaro 8.0 box/pc

is it possible, it should be be cause i have done the normal vpn pptp with windows servers

imran
0
 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
Comment Utility
Which part of my answer you did not understand? It should be pretty clear now it is feasible, but a question of preference and existing hardware.
0
 

Author Closing Comment

by:isheriff82
Comment Utility
not quite, what i needed to know! but will do!
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now