Solved

Best setup for sharing internet conneiton with 3rd party office

Posted on 2013-01-22
5
266 Views
Last Modified: 2013-04-08
We are going to be getting a new 50mb connection to our office and splitting it with another office in the building (different company).

What is the best setup for this? I'd like some minimum reporting of their usage, not necessarily what they are using it for.

Do i have a simple router in front with our individual routers behind it? Any lead into this would be greatly appreciated.

As fare as needs they will be on a different ip address as we will, need some services routed via ip to the office and possible vpn in both locations
0
Comment
Question by:loki0609
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
ID: 38807408
The following outlines some options if you are not going to buy a commercial grade router that will create isolated LAN's (VLAN's).  Option 1 would be the best bet if you have multiple IP's available:
http://blog.lan-tech.ca/2011/05/23/create-an-isolated-network-using-one-isp-connection-and-modem/
0
 
LVL 10

Assisted Solution

by:ddiazp
ddiazp earned 250 total points
ID: 38808440
2 critical questions

1. How many people, how much bandwidth are you expecting this other office to use?
2. Is there any requirement for voice ports, QoS, and the like?

You should put a firewall in between your company and the other one. What i've done in the past for the same situtation is put a firewall behind the ISP router, dedicated one interface for the other company and make sure there's no access between the 2 companies via firewall config.
0
 
LVL 20

Expert Comment

by:rauenpc
ID: 38808522
I agree with ddiazp. Use a firewall that can separate the two companies. An ASA can be configured for netflow or snmp to get traffic statistics. Snmp is more what you described because you don't care what they re using it for. The ASA can also do qos to ensure neither company can hog the bandwidth.
0
 
LVL 9

Expert Comment

by:Sandeep Gupta
ID: 38809702
If you don't want to spend on firewall..then you can define two vrf domain for each company and two IPSEC vpns over those vrf.

with this set-up you can control BW usage by applying service policies on those IPSEC tunnels.
0
 
LVL 2

Author Comment

by:loki0609
ID: 38810756
There isn't any voip requirments, it's all pure data. There will be some rpd for some of the offices but that's just ip routing.

Some great suggestions here. I like Robwill's example, but we do have in the budget a new router so we can go with something. Rauenpc, I'm not sure what you mean by ASA but we do want some sort of reporting. Do you have any good brands in mind? I know Cisco is at the top but they sure are pricey and I've heard good things about some of the cheaper brands that have been around for a while.
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question