Solved

How to create a remote wifi connected office.

Posted on 2016-11-09
7
51 Views
Last Modified: 2016-12-01
We have a need for a satellite office that can function just like it is local.  A VPN point to point would be the normal way, but the caveat is that the remote office location is serviced with wifi connections only. We have Cisco anyconnect available and that works great for the PC, but the phone is another story.  I need to find a IP phone that can use wifi connections, and be able to establish a VPN tunnel back to the office.  The cisco phones can do this, but only IF you are using Cisco connection manager.  We have an Avaya system instead.  
Another option would be to find a way for a PC or device that can establish the VPN tunnel, and then share the connection to a mini network at the remote office. Windows used to be able to 'share this connection', but I don't know if that is still available on win10.
An additional desire is that the remote network be wifi.
So I'm looking for ideas and possible hardware suggestions.
0
Comment
Question by:billherde
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 95

Assisted Solution

by:John Hurst
John Hurst earned 250 total points (awarded by participants)
ID: 41881444
the caveat is that the remote office location is serviced with Wi-Fi connections only  <--- You still need a modem at this location. Put in a VPN router and make a site-to-site tunnel from remote to main.   I do this for clients and it generally works.
0
 
LVL 28

Assisted Solution

by:masnrock
masnrock earned 250 total points (awarded by participants)
ID: 41882132
Exactly what John said, unless you are subletting space where you don't have the luxury of using your own firewall/router. Given your desire for phones that can work on Wi-Fi, I'm also assuming that said spaces do not have cabling to them. But also, most of the Avaya phones that support Wi-Fi are cordless (such as the 3641 and 3645). Is that an option you are looking for?
0
 
LVL 3

Author Comment

by:billherde
ID: 41882238
The situation is more like Masnrock.  The remote site will be in a place that rents offices only, and provides a desk, a couple AC plugs in the wall and access to a shared WiFi only. So we cannot bring in out own service even if we wanted to. As such, we need a self contained means to connect to a WiFi, and create a small private LAN, or any devices need to be able to establish their own VPN tunnel to the main office.  The 3641/3645 are WiFi enabled, but look like they are intended to be used within the primary site LAN.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 95

Assisted Solution

by:John Hurst
John Hurst earned 250 total points (awarded by participants)
ID: 41882264
If you can create a private LAN then you can use Site to Site. You need an access point that can connect to the remote Wi-Fi, but once you do that, you should be able to attach a Cisco RVxx VPN router to the access point. You would need to use NAT Traversal.

If you cannot do the above, then you need Client to Gateway VPN on all devices. For computers we use NCP Secure Entry for this. They have solutions for Windows 7 through 10, Android and Apple and that might work for you.   www.ncp-e.com.
0
 
LVL 28

Accepted Solution

by:
masnrock earned 250 total points (awarded by participants)
ID: 41882375
You might be shot in the foot. I know with Avaya you can have remote extensions, but I'm unaware of doing it with a VPN tunnel. That would require opening firewall ports and configuring the phones that I suggested to connect to that public IP to port 5060. (I had one client in the past where I had some dealings with their Avaya system)

If it is a Regus office space, I *think* you can pay to have your own firewall/router connected to their network, which would then might allow for you to run your own private Wi-Fi. But don't quote me on that one. If yes, then from there you would potentially be able to a site-to-site VPN.

A workaround would be a firewall with integrated Wi-Fi getting internet from a 4G card. Then you can work on a site-to-site VPN.

I did not answer the phone question for the last 2 scenarios because you might decide to have a separate subnet, which would introduce some extra challenges. If the same subnet extended, then things should be considerable easier.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41905451
Question has been properly answered within the limitations provided.
0
 
LVL 3

Author Comment

by:billherde
ID: 41909406
Update:  John is correct, the phone device only works if it is either in the primary LAN (or extended LAN) or is configured to use a public IP assigned to a separate nic on the controller.  The Cisco phone has the ability to connect to a cisco hosted VPN, but it requies a certificate be installed on the phone.  The ONLY way to install  said cert is using Cisco call manager. ($$$$$$$$$) and there is not even a trial version to try and test with.  I have come across a little device, GLI Mini Travel Router GL-AR300M that can connect to a wifi and create another private LAN for remote offices.  It also boasts having openVPN client installed in the firmware.  At this time I am unable to create a suitable ovpn file to get it to connect to the cisco VPN.  Beyond that it offers little more than a properly configured firewall on a remote PC. (and lacks a lot in perceived value, this thing is like a toy.)
At this time I am putting the public IP approach in play.  Not too thrilled about a public address with nothing but a port filter for security, but it will have to do.
Thanks for the feedback guys.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco SRST questions 5 57
Building a computer for Graphic + Video editing 10 80
port forwarding 2 71
USB 3.0 or SATA III PCIE Card for ESXI 5.5 3 67
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question