- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Suggestions for Network Architecture
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Suggestions for Network Architecture
Hello,
Would anyone out there be able to suggest what would be the best setup for a small business network with a remote office, and external salesperson?
The primary office is currently using a DGND3700v1, we have 3 PC's connected via Wireless, 2 PC's via Ethernet, 1 Printer via ethernet\wireless, and 1 x FreeNas file server.
We are about to office a remote office, as well as looking at access for the external salesperson to access the files server.
The budget isn't big, and I don't think it needs to be, and something that is simple to keep an eye on would be good as well.
The suggested setup would have to be able to handle the following:-
Primary Office:-
4-7 Max PC's via Ethernet & Wireless
1 x Printer
Remote Office:-
2 x PC's Preference is Wireless, but Ethernet as well
1 x Printer
Sales Person:-
1 x PC remote access.
Suggestions and idea's are welcomed.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
Hi Damo80,
You may want to consider the FVS318N which is a Wireless N VPN Firewall for your main office. You can set up a client-to-box IPSec VPN on the firewall so that the external salesperson from the remote office could have access on the file server located in the main office. You could have both wired and wireless connection through the FVS318N as well. Kindly check its specifications here.
Kindly check this link about client-to-box IPSec VPN configuration.
Welcome to the community!
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
Thanks for that Dane,
There was something that I left off. We have get a Dynamic IP from our ISP, is this an issue.
Another thing that has been raised by a friend is VPN's need descent upload speeds, what I got from our modem is we are currently only getting about 7616 kbps download, and 384 kbps upload. I'm guessing this would make a difference for the remote person...
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
Hi @Damo80,
@Damo80 wrote:
There was something that I left off. We have get a Dynamic IP from our ISP, is this an issue.
The best practice is to have a public static WAN IP Address from the ISP.
@Damo80 wrote:
Another thing that has been raised by a friend is VPN's need descent upload speeds, what I got from our modem is we are currently only getting about 7616 kbps download, and 384 kbps upload. I'm guessing this would make a difference for the remote person...
The speed which your ISP provides will also affect the speed of a VPN connection.
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
You can do a vpn with dynamic ips. Since your router is on 24x7, you won't lose the IP unless the isp is making network changes. I've only seen this happen once in about 2 years, so it's not a big deal. I have several fvs318n's doing site-to-site vpns using dynamics.
Bandwidth is going to be important dependent on what you'll be using the connection for. If you're going to be transfering huge files, bandwidth can be a real issue. If the remote user will only need access to large files at the home office, then you can have him remote desktop over the vpn to a system at the home office and work with the files that way. This is a configuration we use where we have paper scanned to our home office from several sites and then I view them remotely by rdping into a system at the home office. Even with only 4Mbit upload, I can work fairly well from almost 1000mi away.
These are just some ideas to start. Post up some more information about your workflow and I'm sure we can dial in a perfect solution. The fvs318n is a good unit to work with, even with its quirks.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
VPNs can be done with dynamic addressing if a dynamic DNS provider (for example DynDNS) is used, however, upload speeds that low, will be a bit of a problem.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
Whilst many ISPs will allow dynamically assigned address to remain unchanged for long periods, not all of them do, and there may also be events, outside of the subscriber's control that cause the address to change (for example, a power outage) - use of a DnyamicDNS provider allows the VPN to continue working without anyone having to change the configurations.
Yes, in some cases, you can run for weeks, months or years, without the address changing - I know, I have done it - but Murphy's law is of such that the address will change at the most inconvenient time, causing the VPN to fail - how do you plan to fix the problem from a thousand miles away?
I use VPNs for remote support - not using a Dynamic DNS provider is a risk I am unprepared to take.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
Ever needed to connect afterhours?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
Nope. The VPN links aren't in use after hours, so it would just be first thing in the am if there was an issue. It's been a complete non-issue for us, but in other appliations I could see how it could be a dealbreaker.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Suggestions for Network Architecture
24x7 support and someone on site 24x7. Besides even 6hrs downtime wouldn't kill us.