troubleshooting Question
Site to Site VPN - Firewall vs Router
Hello, all.
I need some advice on configuring site to site VPN tunnel between our datacenter and a remote office.
We currently have Fortinet firewalls on all of our remote offices including the datacenter and already configured a few IPSec VPN tunnels between the datacenter and a small offices that are not connected to our MPLS network.
In this senario, I have a remote office which has MPLS and seperate Internet circuit and I want to create a backup route in case the MPLS at this remote office goes down.
My question is that which will be the best way to configure VPN as a backup route.
First one is to configure the VPN between the two firewalls from/to datacenter and the remote office. This will utilize the internet circuit from both locations and all the routing will be handled by the firewalls in between the MPLS sites through the datacenter.
Second one is to configure IPSec VPN between the Datacenter MPLS router and remote office internet router using BGP for the routing between all MPLS networks. The datacenter has Cisco 1921 and the remote office has Cisco 891.
I would like to go with the second option but I wanted to ask for your opinion on this.
Thanks!!!!
I need some advice on configuring site to site VPN tunnel between our datacenter and a remote office.
We currently have Fortinet firewalls on all of our remote offices including the datacenter and already configured a few IPSec VPN tunnels between the datacenter and a small offices that are not connected to our MPLS network.
In this senario, I have a remote office which has MPLS and seperate Internet circuit and I want to create a backup route in case the MPLS at this remote office goes down.
My question is that which will be the best way to configure VPN as a backup route.
First one is to configure the VPN between the two firewalls from/to datacenter and the remote office. This will utilize the internet circuit from both locations and all the routing will be handled by the firewalls in between the MPLS sites through the datacenter.
Second one is to configure IPSec VPN between the Datacenter MPLS router and remote office internet router using BGP for the routing between all MPLS networks. The datacenter has Cisco 1921 and the remote office has Cisco 891.
I would like to go with the second option but I wanted to ask for your opinion on this.
Thanks!!!!
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 15 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.