Guest Fox1977 Posted November 27, 2007 Posted November 27, 2007 Hi all, Just wanted to get some ideas and expertise from everyone as I'm new to VPNs and got a big project to work on. Our company has just acquired an office at the other end of the country and I have the job of connecting the two office networks together. I have spent the last few weeks getting a remote access VPN up and running for teleworkers using microsoft RAS. Now i need to look into getting a site to site VPN setup and just wanted to share my ideas. the plan i was looking at was having each network (complete with DNS, DHCP and windows domain controller) on a different network address. Use a draytek router in one office to connect to a sonic wall router in the other office (running on a different network address). I'm just in the starting out on a CCNA course so this is a good grounding! I'm just a bit unsure about how I go about setting them up in practice. I am not too worried about getting the two different domains sorted yet I'd be happy just to get them connected first. Were would people recommend starting? Anyone any tips or ideas based on their own experiences?
Guest Lanwench [MVP - Exchange] Posted November 27, 2007 Posted November 27, 2007 Re: Setup site to site VPN? Fox1977 <foxj77@gmail.com> wrote: > Hi all, > > Just wanted to get some ideas and expertise from everyone as I'm new > to VPNs and got a big project to work on. > > Our company has just acquired an office at the other end of the > country and I have the job of connecting the two office networks > together. > > I have spent the last few weeks getting a remote access VPN up and > running for teleworkers using microsoft RAS. Now i need to look into > getting a site to site VPN setup and just wanted to share my ideas. > > the plan i was looking at was having each network (complete with DNS, > DHCP and windows domain controller) on a different network address. > Use a draytek router in one office to connect to a sonic wall router > in the other office (running on a different network address). I'm > just in the starting out on a CCNA course so this is a good grounding! > > I'm just a bit unsure about how I go about setting them up in > practice. I am not too worried about getting the two different > domains sorted yet I'd be happy just to get them connected first. > Were would people recommend starting? > > Anyone any tips or ideas based on their own experiences? You're on the right path. I myself would probably use Sonicwalls on each end.....but overall, this shouldn't be too tough. Just make sure you use a different private IP subnet on each side (e.g., 172.16.1.0/24 in the main office, 172.16.2.0/24 in the branch office). Re domains - is there an existing one at the other company, which you wish to keep? If so, you could set up a trust. Or, if you're going to fold them into yours (which might be best, in the long term...), set up a DC/DNS/DHCP box in the remote office, in your domain, but in its own AD site/subnet (AD Sites & Services)
Guest Jeff Stockamp Posted November 28, 2007 Posted November 28, 2007 Re: Setup site to site VPN? If you're not familiar with VPN setup, i would discourage using routers from 2 different manufacturers. Use the same router at both locations and the setup should be easy, and you can call a single vendor to get support if you run into problems. As with just about anything in networking, there are standards for VPN, but every vendor tweaks them a little. - Jeff "Fox1977" <foxj77@gmail.com> wrote in message news:52de474a-7fcb-4470-86de-b268b4f41f66@a35g2000prf.googlegroups.com... > Hi all, > > Just wanted to get some ideas and expertise from everyone as I'm new > to VPNs and got a big project to work on. > > Our company has just acquired an office at the other end of the > country and I have the job of connecting the two office networks > together. > > I have spent the last few weeks getting a remote access VPN up and > running for teleworkers using microsoft RAS. Now i need to look into > getting a site to site VPN setup and just wanted to share my ideas. > > the plan i was looking at was having each network (complete with DNS, > DHCP and windows domain controller) on a different network address. > Use a draytek router in one office to connect to a sonic wall router > in the other office (running on a different network address). I'm > just in the starting out on a CCNA course so this is a good grounding! > > I'm just a bit unsure about how I go about setting them up in > practice. I am not too worried about getting the two different > domains sorted yet I'd be happy just to get them connected first. > Were would people recommend starting? > > Anyone any tips or ideas based on their own experiences?
Guest Fox1977 Posted November 28, 2007 Posted November 28, 2007 Re: Setup site to site VPN? I am tempted to go and buy another sonicwall to put at our end. Especially as i amd having a lot of trouble getting port forwarding to work correctly on a new draytek 2800vg router i have just bought for £150. Should i be using a seperate network address to connect the two routers together? What is the best protocol/standard to go router to router. Is it IPsec? Thanks for the advice, much appreciated On Nov 28, 12:43 am, "Jeff Stockamp" <jeff.stock...@dodgeit.com> wrote: > If you're not familiar with VPN setup, i would discourage using routers from > 2 different manufacturers. Use the same router at both locations and the > setup should be easy, and you can call a single vendor to get support if you > run into problems. As with just about anything in networking, there are > standards for VPN, but every vendor tweaks them a little. > > - Jeff > > "Fox1977" <fox...@gmail.com> wrote in message > > news:52de474a-7fcb-4470-86de-b268b4f41f66@a35g2000prf.googlegroups.com... > > > Hi all, > > > Just wanted to get some ideas and expertise from everyone as I'm new > > to VPNs and got a big project to work on. > > > Our company has just acquired an office at the other end of the > > country and I have the job of connecting the two office networks > > together. > > > I have spent the last few weeks getting a remote access VPN up and > > running for teleworkers using microsoft RAS. Now i need to look into > > getting a site to site VPN setup and just wanted to share my ideas. > > > the plan i was looking at was having each network (complete with DNS, > > DHCP and windows domain controller) on a different network address. > > Use a draytek router in one office to connect to a sonic wall router > > in the other office (running on a different network address). I'm > > just in the starting out on a CCNA course so this is a good grounding! > > > I'm just a bit unsure about how I go about setting them up in > > practice. I am not too worried about getting the two different > > domains sorted yet I'd be happy just to get them connected first. > > Were would people recommend starting? > > > Anyone any tips or ideas based on their own experiences?
Guest Lanwench [MVP - Exchange] Posted November 28, 2007 Posted November 28, 2007 Re: Setup site to site VPN? Fox1977 <foxj77@gmail.com> wrote: > I am tempted to go and buy another sonicwall to put at our end. I would. > Especially as i amd having a lot of trouble getting port forwarding to > work correctly on a new draytek 2800vg router i have just bought for > £150. And the Sonicwall will give you a lot more protection, too. > > Should i be using a seperate network address to connect the two > routers together? What do you mean? You have a public IP on each of these networks - that's what you use to make the connection. Now, *behind* the Sonicwalls, you need to be using two different TCP/IP subnets or this won't work. See my reply for info onthat. > What is the best protocol/standard to go router to > router. Is it IPsec? Yes. This is really a cinch with Sonicwalls....I believe there's even a wizard for it. > > Thanks for the advice, much appreciated > > > > On Nov 28, 12:43 am, "Jeff Stockamp" <jeff.stock...@dodgeit.com> > wrote: >> If you're not familiar with VPN setup, i would discourage using >> routers from 2 different manufacturers. Use the same router at both >> locations and the setup should be easy, and you can call a single >> vendor to get support if you run into problems. As with just about >> anything in networking, there are standards for VPN, but every >> vendor tweaks them a little. >> >> - Jeff >> >> "Fox1977" <fox...@gmail.com> wrote in message >> >> news:52de474a-7fcb-4470-86de-b268b4f41f66@a35g2000prf.googlegroups.com... >> >>> Hi all, >> >>> Just wanted to get some ideas and expertise from everyone as I'm new >>> to VPNs and got a big project to work on. >> >>> Our company has just acquired an office at the other end of the >>> country and I have the job of connecting the two office networks >>> together. >> >>> I have spent the last few weeks getting a remote access VPN up and >>> running for teleworkers using microsoft RAS. Now i need to look >>> into getting a site to site VPN setup and just wanted to share my >>> ideas. >> >>> the plan i was looking at was having each network (complete with >>> DNS, DHCP and windows domain controller) on a different network >>> address. Use a draytek router in one office to connect to a sonic >>> wall router in the other office (running on a different network >>> address). I'm just in the starting out on a CCNA course so this is >>> a good grounding! >> >>> I'm just a bit unsure about how I go about setting them up in >>> practice. I am not too worried about getting the two different >>> domains sorted yet I'd be happy just to get them connected first. >>> Were would people recommend starting? >> >>> Anyone any tips or ideas based on their own experiences?
Guest Fox1977 Posted December 5, 2007 Posted December 5, 2007 Re: Setup site to site VPN? Thanks for the advice folks, I am going to try and get something up and running between the drayetk and sonicwall next week. I will keep you posted.
Recommended Posts