VPN/router/switch/NAT questions...

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

I have a few question for the guru's out there. Any help would be
appreciated. I'm currently running my office network as follows:

DSL modem/router -> 12-port switch <- rest of office computers

We're expanding our office to a new building and I'd like to be able
to VPN from the current office to the new office. In addition I'll be
needing more ports at the new office so here's what I've got planned
so far:

Keep current configuration at old office
new office:
DSL Modem (router disabled) -> 4-port VPN/router/switch ->
24-port switch <- rest of office

I know a little about networking setups but not any more than I've
needed to learn to keep things running. Here are my questions:

First will this setup work? I'm assuming I just need to uplink the
VPN/router to the switch.

2nd: Do I need to get a VPN/router for our old office to make the VPN
connections work? I want all machines at the old office to be able to
access servers that will be located at the new office.

 

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

In article <19cc537f.0408261628.3cd049f9@posting.google.com>,
Jed Savage <jaedend@charter.net> wrote:
:2nd: Do I need to get a VPN/router for our old office to make the VPN
:connections work? I want all machines at the old office to be able to
:access servers that will be located at the new office.

*Something* has to do the VPN work in the old office. That could
be a VPN device such as you are planning to put into the new office,
or it could be software on each individual machine in the old office.

--
"I want to make sure [a user] can't get through ... an online
experience without hitting a Microsoft ad"
-- Steve Ballmer [Microsoft Chief Executive]

 

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

"Jed Savage" <jaedend@charter.net> wrote:

> I'm currently running my office network as follows:
>
> DSL modem/router -> 12-port switch <- rest of office computers

Is this ADSL? If so, then you should see a few hundred Kb/s upstream
speed.

> We're expanding our office to a new building and I'd like to be able
> to VPN from the current office to the new office. In addition I'll be
> needing more ports at the new office so here's what I've got planned
> so far:
>
> Keep current configuration at old office
> new office:
> DSL Modem (router disabled) -> 4-port VPN/router/switch ->
> 24-port switch <- rest of office
>
> First will this setup work? I'm assuming I just need to uplink the
> VPN/router to the switch.

This should work, but it might be slower than you expect.

If previously office workers were intercommunicating over Ethernet,
perhaps 100 Mb/s Ethernet, they will now be intercommunicating between
old office and new office at, say, 300 Kb/s if ADSL is what you're
using, or 1.5 Mb/s if SDSL.

The advantage of ADSL over SDLS is that downlink speeds can be as high
as 8 Mb/s. However, that would be downlink from the telco's Central
Office. As in, comms between the Internet down to a subscriber. But when
going between old office and new office, your speed will always be
limited by the uplink speed of the xDSL flavor you're using, which will
be fairly low no matter what, but especially low if you're using ADSL.

> 2nd: Do I need to get a VPN/router for our old office to make the VPN
> connections work? I want all machines at the old office to be able to
> access servers that will be located at the new office.

The VPN is formed by encapsulating IP packets from end users in each
office into an outer IP envelope. The outer envelope routes the packets
across the service provider's network from old office to new office, or
vice versa. At the other end, something strips off the outer IP
envelope, leaving a data packet which appears just as it would have when
the office was in a single location.

These VPN tunnels can be terminated in stand-alone boxes, such as the
router that ties your two offices into the ISP's network, or they can be
terminated inside end user hosts themselves. If there are multiple users
in each office, my inclination would be to terminate the tunnel at a
router. That way, all interoffice comms can be sent over a single VPN.
Seems simpler than creating a VPN for each host. But either approach can
work fine.

Bert

 

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

Jed Savage wrote:
> I have a few question for the guru's out there. Any help would be
> appreciated. I'm currently running my office network as follows:
>
> DSL modem/router -> 12-port switch <- rest of office computers
>
> We're expanding our office to a new building and I'd like to be able
> to VPN from the current office to the new office. In addition I'll be
> needing more ports at the new office so here's what I've got planned
> so far:
>
> Keep current configuration at old office
> new office:
> DSL Modem (router disabled) -> 4-port VPN/router/switch ->
> 24-port switch <- rest of office
>
> I know a little about networking setups but not any more than I've
> needed to learn to keep things running. Here are my questions:
>
> First will this setup work? I'm assuming I just need to uplink the
> VPN/router to the switch.
>
> 2nd: Do I need to get a VPN/router for our old office to make the VPN
> connections work? I want all machines at the old office to be able to
> access servers that will be located at the new office.
Depending on how fancy you wanted to get, the SMC firewall/routers with
built in hardware VPN may do the trick for you. I have a pair operating
between home and my wifes office, and lets me see the whole LAN there.
Note: I previously had a pair of Linksys VPN routers and had temperature
trouble and failures with both of them, so I would avoid that brand.
gr