VPN Network Connection Problem

Good Day,
I'm looking for some input /suggestions to help with a problem.

Four geographically separate towns have two routers.  The main one for their office and then a 2nd one to operate some sensitive equipment.  The second router plugs into the first and gets it's WAN IP from it.

I want to make the secondary routers connect to each other throughout the towns using a VPN, but I don't think it will work because they are behind private routers.  Then a Laptop for each town should only be able to vpn into it's own town.

So a persistent Office to Office VPN is what I'm looking at doing.

I have included a graphic to hopefully help with the network design.

I'm interested to hear what some solutions might be.
 
Thank you in advance!
2ndFloorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Not sure what you mean with "gets it's [sic] WAN IP from it". Is  the second router getting a real WAN address (public IP), or a local IP used on the WAN interface?

If it is a public IP, the routers can communicate with each other without issue. Otherwise you need to forward IKE traffic (udp/500) on the primary router to the secondary.

In any case you create a site-to-site tunnel from each to each secondary router to get a full mesh.

Getting external client access requires to create another, client-to-site VPN. You cannot use the site-to-site VPNs for that.

The graph is missing, by the way, but I'm not expecting it to reveal more anyway.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
2ndFloorAuthor Commented:
Thanks for the input, not sure why the picture didn't upload.  It was there on the preview.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Architecture

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.