Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

mulit VPN from mulit remote systems

Posted on 2013-05-20
13
Medium Priority
?
225 Views
Last Modified: 2013-06-07
HI All ,

can any one help ?

need to have mulit VPN's into one central office ,but each VPN must go to a different server.

was thinking PS sence ot untangle ?
0
Comment
Question by:awall2012
  • 7
  • 6
13 Comments
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181116
First question... are you considering those two products because you have prior experience with them?  Any reason why you're not planning to purchase a firewall / router that can host these connections?

You say you need to have multiple tunnels terminating at one office... not a problem.  How many?  Are there multiple servers at each site?  

Can you clarify what you mean about "each VPN must go to a different server"?
0
 

Author Comment

by:awall2012
ID: 39181314
q)First question... are you considering those two products because you have prior experience with them
A)  yes

q)Any reason why you're not planning to purchase a firewall / router that can host these connections?
A) cost (testing)

Q)You say you need to have multiple tunnels terminating at one office... not a problem.  How many?  
A)at lest 20 poss more later

Q)Are there multiple servers at each site?  
a) no

q)Can you clarify what you mean about "each VPN must go to a different server"?

a) each remote office (read one VPN) will be access a diffent server at the main office

so remote office A > VPN >main office > server A

     remote office B >VPN main office > server B
   remote office B1 > VPN > main office >server B

  remove office C > vpn main office > server C
  c1>server C
  c2 > server C
  c3>server C

  D> server D   ETC .ETC
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181372
Ok I'm following you now...

Are the remote offices a part of your organization?  If not, what device or software will be used on the remote end to host the tunnel?  Any issues with bandwidth that you need to work out?

Overall, what's your questions?  It sounds pretty straight forward from your last post... site to site IPSEC tunnels with a single host on each side.
0
WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

 

Author Comment

by:awall2012
ID: 39181418
q)Are the remote offices a part of your organization
a) no

Q) what device or software will be used on the remote end to host the tunnel
A) still waitting on that info . some are home router with XP or Win7 PC's

q) Any issues with bandwidth
a) should not be this end

Q) what's your questions
a)  Connect each remote site to a separate local server via VPN for secure access.
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181455
Definitely do-able... you really need to know what devices will be on the other end before making any firm decisions on what you'll be using on your side.  Trust me when I say that there's no such thing as a VPN host that is compatible with all other VPN hosts...

I'm a little concerned about the other end part... you're saying these are home offices?  Are you going to be responsible for providing support for the tunnels?  If so, and if it were me, I'd go in a totally different direction.

What services will the user be connecting to on the server?  Are they using remote desktop or something?  There may be a much easier way to link them up securely without dealing with trying to maintain IPSEC tunnels over consumer grade gear on residential internet connections which won't have static IP's.
0
 

Author Comment

by:awall2012
ID: 39181500
q)- you really need to know what devices will be on the other end before making any firm decisions
A) yes I agee , but Iam waitting on this info.

q)home offices?  /  responsible for providing support for the tunnels
a) afraid so ..... /  probably

Q) go in a totally different direction.
a) Iam very open to ideas

Q)Are they using remote desktop
a)yes as well as needing VPN

Q)There may be a much easier way to link them up securely without dealing with trying to maintain IPSEC tunnels over consumer grade gear on residential internet connections which won't have static IP's.
a) Iam very open to ideas about this hole Thingy
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181521
Cool deal... first, we'll need a list of all the services they will be using.  I know you're saying they need VPN but let's let VPN itself aside for a second... what will they actually be doing over that connection?

If we can get a good list then I can probably offer a few options...

Is there a budget for this?  or do we absolutely have to stick with totally free options?
0
 

Author Comment

by:awall2012
ID: 39181546
q)budget for this
a) not this year , so need to stick with thw free bee s

q) what will they actually be doing over that connection?
a) file moves, internal only web access , backups, internat only DB access .
     internal only emails .
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181562
Ok...

Will any of those activities be allowed to occur from their personal PC or only from within the remote deskop session?

Understood on the free part... let's see what we can come up with.
0
 

Author Comment

by:awall2012
ID: 39181570
some services via RDP

most from there PC to the serve ,  hence the VPN queston
0
 
LVL 8

Accepted Solution

by:
jpgobert earned 2000 total points
ID: 39181596
OK... any reason why you wouldn't go with more of a "dial-up" VPN client solution?  To be honest that would be MUCH easier to setup, maintain and deploy to the users.  No special hardware or software on their side... you'd only need routing and remote access on a Windows server on your side... you *could* go with a separate software just for the VPN but you really don't have to if you don't want to.

If you were to run site-to-site tunnels between you and them you'd need to make sure that the ACL's were setup to block everything from their side except for the devices that should be connecting over the tunnel... then you'd have to make sure that they didn't change their IP's on those devices so that the ACL would need to change... could get really annoying.
0
 

Author Comment

by:awall2012
ID: 39181609
q)dial-up" VPN client solution
a) yes could do that
0
 

Author Closing Comment

by:awall2012
ID: 39228619
thank you
0

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Why do some people recommend buying business VoIP from an ISP? What are the benefits to my company? What are the costs?
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question