Solved

mulit VPN from mulit remote systems

Posted on 2013-05-20
13
222 Views
Last Modified: 2013-06-07
HI All ,

can any one help ?

need to have mulit VPN's into one central office ,but each VPN must go to a different server.

was thinking PS sence ot untangle ?
0
Comment
Question by:awall2012
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181116
First question... are you considering those two products because you have prior experience with them?  Any reason why you're not planning to purchase a firewall / router that can host these connections?

You say you need to have multiple tunnels terminating at one office... not a problem.  How many?  Are there multiple servers at each site?  

Can you clarify what you mean about "each VPN must go to a different server"?
0
 

Author Comment

by:awall2012
ID: 39181314
q)First question... are you considering those two products because you have prior experience with them
A)  yes

q)Any reason why you're not planning to purchase a firewall / router that can host these connections?
A) cost (testing)

Q)You say you need to have multiple tunnels terminating at one office... not a problem.  How many?  
A)at lest 20 poss more later

Q)Are there multiple servers at each site?  
a) no

q)Can you clarify what you mean about "each VPN must go to a different server"?

a) each remote office (read one VPN) will be access a diffent server at the main office

so remote office A > VPN >main office > server A

     remote office B >VPN main office > server B
   remote office B1 > VPN > main office >server B

  remove office C > vpn main office > server C
  c1>server C
  c2 > server C
  c3>server C

  D> server D   ETC .ETC
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181372
Ok I'm following you now...

Are the remote offices a part of your organization?  If not, what device or software will be used on the remote end to host the tunnel?  Any issues with bandwidth that you need to work out?

Overall, what's your questions?  It sounds pretty straight forward from your last post... site to site IPSEC tunnels with a single host on each side.
0
Are You Ransomware's Next Victim?

Worried about ransomware attacks hitting your organization?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with WatchGuard Total Security!

 

Author Comment

by:awall2012
ID: 39181418
q)Are the remote offices a part of your organization
a) no

Q) what device or software will be used on the remote end to host the tunnel
A) still waitting on that info . some are home router with XP or Win7 PC's

q) Any issues with bandwidth
a) should not be this end

Q) what's your questions
a)  Connect each remote site to a separate local server via VPN for secure access.
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181455
Definitely do-able... you really need to know what devices will be on the other end before making any firm decisions on what you'll be using on your side.  Trust me when I say that there's no such thing as a VPN host that is compatible with all other VPN hosts...

I'm a little concerned about the other end part... you're saying these are home offices?  Are you going to be responsible for providing support for the tunnels?  If so, and if it were me, I'd go in a totally different direction.

What services will the user be connecting to on the server?  Are they using remote desktop or something?  There may be a much easier way to link them up securely without dealing with trying to maintain IPSEC tunnels over consumer grade gear on residential internet connections which won't have static IP's.
0
 

Author Comment

by:awall2012
ID: 39181500
q)- you really need to know what devices will be on the other end before making any firm decisions
A) yes I agee , but Iam waitting on this info.

q)home offices?  /  responsible for providing support for the tunnels
a) afraid so ..... /  probably

Q) go in a totally different direction.
a) Iam very open to ideas

Q)Are they using remote desktop
a)yes as well as needing VPN

Q)There may be a much easier way to link them up securely without dealing with trying to maintain IPSEC tunnels over consumer grade gear on residential internet connections which won't have static IP's.
a) Iam very open to ideas about this hole Thingy
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181521
Cool deal... first, we'll need a list of all the services they will be using.  I know you're saying they need VPN but let's let VPN itself aside for a second... what will they actually be doing over that connection?

If we can get a good list then I can probably offer a few options...

Is there a budget for this?  or do we absolutely have to stick with totally free options?
0
 

Author Comment

by:awall2012
ID: 39181546
q)budget for this
a) not this year , so need to stick with thw free bee s

q) what will they actually be doing over that connection?
a) file moves, internal only web access , backups, internat only DB access .
     internal only emails .
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39181562
Ok...

Will any of those activities be allowed to occur from their personal PC or only from within the remote deskop session?

Understood on the free part... let's see what we can come up with.
0
 

Author Comment

by:awall2012
ID: 39181570
some services via RDP

most from there PC to the serve ,  hence the VPN queston
0
 
LVL 8

Accepted Solution

by:
jpgobert earned 500 total points
ID: 39181596
OK... any reason why you wouldn't go with more of a "dial-up" VPN client solution?  To be honest that would be MUCH easier to setup, maintain and deploy to the users.  No special hardware or software on their side... you'd only need routing and remote access on a Windows server on your side... you *could* go with a separate software just for the VPN but you really don't have to if you don't want to.

If you were to run site-to-site tunnels between you and them you'd need to make sure that the ACL's were setup to block everything from their side except for the devices that should be connecting over the tunnel... then you'd have to make sure that they didn't change their IP's on those devices so that the ACL would need to change... could get really annoying.
0
 

Author Comment

by:awall2012
ID: 39181609
q)dial-up" VPN client solution
a) yes could do that
0
 

Author Closing Comment

by:awall2012
ID: 39228619
thank you
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Read about achieving the basic levels of HRIS security in the workplace.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question