|
|
Question : Problem: Best VPN solution for my 2 site 30 user network
|
|
Hi,
I'm not an MCSE, so I'd like some help from some of you guys.
Our company bought a larger building and is moving our offices at the end of Febuary. The shipping and customer service center is going to be combined with IT minus a few web guys.
Here's the deal:
After everything is moved to where it needs to go, we will have the following 2 locations:
Location 1 computers: (assigned 192.168.1.XXX) 1 Win 2000 Server 1 Win 2000 Pro Workstation (this machine has 2 connections 1 via the router NAT, and another directly to a static IP on the wireless broadband connection) 19 Win XP Pro Workstations 1 Windows 98 Machine (runs a particular legacy app. Cannot upgrade) 1 XP Pro Laptop 3 UPS / FedEx shipper machines (NT4 WS)
Location 2 computers: (assigned 192.168.0.XXX) 3 Win XP Pro Machines 1 Win 2000 Pro Laptop 2 Win XP Home Machines 1 Windows 98 Machine
We currently have the following
Location 1: Symantec 200 Router (http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=63&EID=0) connected to · Cable broadband · Fixed wireless broadband
Location 2: NexLand pro800 turbo router (http://www.nexland.com/turbo.cfm) connected to · Cable broadband · Fixed wireless broadband
At location 1, were switching over to a T1. Our provider is giving us the CSU/DSU, but we have to provide the router. At location 2 we are keeping the cable and wireless, but we can replace the router if necessary. The wireless has a static IP and the cable has a dynamic IP.
Heres my question: We have some people who are going to be working from both locations. People from location 2 are going to need to access location 1 to connect to the server, their local machines, etc.. Im going to need to remotely administer the server and users machines.
What is the best VPN solution for us?
Points will be given to the best solution (or I may divi out extra points if I get a bunch of good solutions)
|
Answer : Problem: Best VPN solution for my 2 site 30 user network
|
|
I'd strongly recommend you have the same at both ends. However, these devices talk using standards so anything that supports gateway-gateway IPSEC tunnels would work, just make sure that the encryption\authentication methods are setup the same. For example, if you're using ESP DES MD5 at one end, you obviously need the other end setup to talk the same language. I've never used the Symantec boxes but from what I've just read, they seem good bits of kit.
You also may want to consider setting up WINS on your win2000 server for name resolution instead of allowing broadcasts over the vpn.
|
|
|
|