mulit VPN from mulit remote systems

HI All ,

can any one help ?

need to have mulit VPN's into one central office ,but each VPN must go to a different server.

was thinking PS sence ot untangle ?
awall2012Asked:
Who is Participating?
 
jpgobertEnterprise IT Systems ConsultantCommented:
OK... any reason why you wouldn't go with more of a "dial-up" VPN client solution?  To be honest that would be MUCH easier to setup, maintain and deploy to the users.  No special hardware or software on their side... you'd only need routing and remote access on a Windows server on your side... you *could* go with a separate software just for the VPN but you really don't have to if you don't want to.

If you were to run site-to-site tunnels between you and them you'd need to make sure that the ACL's were setup to block everything from their side except for the devices that should be connecting over the tunnel... then you'd have to make sure that they didn't change their IP's on those devices so that the ACL would need to change... could get really annoying.
0
 
jpgobertEnterprise IT Systems ConsultantCommented:
First question... are you considering those two products because you have prior experience with them?  Any reason why you're not planning to purchase a firewall / router that can host these connections?

You say you need to have multiple tunnels terminating at one office... not a problem.  How many?  Are there multiple servers at each site?  

Can you clarify what you mean about "each VPN must go to a different server"?
0
 
awall2012Author Commented:
q)First question... are you considering those two products because you have prior experience with them
A)  yes

q)Any reason why you're not planning to purchase a firewall / router that can host these connections?
A) cost (testing)

Q)You say you need to have multiple tunnels terminating at one office... not a problem.  How many?  
A)at lest 20 poss more later

Q)Are there multiple servers at each site?  
a) no

q)Can you clarify what you mean about "each VPN must go to a different server"?

a) each remote office (read one VPN) will be access a diffent server at the main office

so remote office A > VPN >main office > server A

     remote office B >VPN main office > server B
   remote office B1 > VPN > main office >server B

  remove office C > vpn main office > server C
  c1>server C
  c2 > server C
  c3>server C

  D> server D   ETC .ETC
0
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

 
jpgobertEnterprise IT Systems ConsultantCommented:
Ok I'm following you now...

Are the remote offices a part of your organization?  If not, what device or software will be used on the remote end to host the tunnel?  Any issues with bandwidth that you need to work out?

Overall, what's your questions?  It sounds pretty straight forward from your last post... site to site IPSEC tunnels with a single host on each side.
0
 
awall2012Author Commented:
q)Are the remote offices a part of your organization
a) no

Q) what device or software will be used on the remote end to host the tunnel
A) still waitting on that info . some are home router with XP or Win7 PC's

q) Any issues with bandwidth
a) should not be this end

Q) what's your questions
a)  Connect each remote site to a separate local server via VPN for secure access.
0
 
jpgobertEnterprise IT Systems ConsultantCommented:
Definitely do-able... you really need to know what devices will be on the other end before making any firm decisions on what you'll be using on your side.  Trust me when I say that there's no such thing as a VPN host that is compatible with all other VPN hosts...

I'm a little concerned about the other end part... you're saying these are home offices?  Are you going to be responsible for providing support for the tunnels?  If so, and if it were me, I'd go in a totally different direction.

What services will the user be connecting to on the server?  Are they using remote desktop or something?  There may be a much easier way to link them up securely without dealing with trying to maintain IPSEC tunnels over consumer grade gear on residential internet connections which won't have static IP's.
0
 
awall2012Author Commented:
q)- you really need to know what devices will be on the other end before making any firm decisions
A) yes I agee , but Iam waitting on this info.

q)home offices?  /  responsible for providing support for the tunnels
a) afraid so ..... /  probably

Q) go in a totally different direction.
a) Iam very open to ideas

Q)Are they using remote desktop
a)yes as well as needing VPN

Q)There may be a much easier way to link them up securely without dealing with trying to maintain IPSEC tunnels over consumer grade gear on residential internet connections which won't have static IP's.
a) Iam very open to ideas about this hole Thingy
0
 
jpgobertEnterprise IT Systems ConsultantCommented:
Cool deal... first, we'll need a list of all the services they will be using.  I know you're saying they need VPN but let's let VPN itself aside for a second... what will they actually be doing over that connection?

If we can get a good list then I can probably offer a few options...

Is there a budget for this?  or do we absolutely have to stick with totally free options?
0
 
awall2012Author Commented:
q)budget for this
a) not this year , so need to stick with thw free bee s

q) what will they actually be doing over that connection?
a) file moves, internal only web access , backups, internat only DB access .
     internal only emails .
0
 
jpgobertEnterprise IT Systems ConsultantCommented:
Ok...

Will any of those activities be allowed to occur from their personal PC or only from within the remote deskop session?

Understood on the free part... let's see what we can come up with.
0
 
awall2012Author Commented:
some services via RDP

most from there PC to the serve ,  hence the VPN queston
0
 
awall2012Author Commented:
q)dial-up" VPN client solution
a) yes could do that
0
 
awall2012Author Commented:
thank you
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.