Would anyone out there be able to suggest what would be the best setup for a small business network with a remote office, and external salesperson?
The primary office is currently using a DGND3700v1, we have 3 PC's connected via Wireless, 2 PC's via Ethernet, 1 Printer via ethernet\wireless, and 1 x FreeNas file server.
We are about to office a remote office, as well as looking at access for the external salesperson to access the files server.
The budget isn't big, and I don't think it needs to be, and something that is simple to keep an eye on would be good as well.
The suggested setup would have to be able to handle the following:-
Primary Office:-
4-7 Max PC's via Ethernet & Wireless
1 x Printer
Remote Office:-
2 x PC's Preference is Wireless, but Ethernet as well
You may want to consider the FVS318N which is a Wireless N VPN Firewall for your main office. You can set up a client-to-box IPSec VPN on the firewall so that the external salesperson from the remote office could have access on the file server located in the main office. You could have both wired and wireless connection through the FVS318N as well. Kindly check its specifications here.
Kindly check this link about client-to-box IPSec VPN configuration.
There was something that I left off. We have get a Dynamic IP from our ISP, is this an issue.
Another thing that has been raised by a friend is VPN's need descent upload speeds, what I got from our modem is we are currently only getting about 7616 kbps download, and 384 kbps upload. I'm guessing this would make a difference for the remote person...
Another thing that has been raised by a friend is VPN's need descent upload speeds, what I got from our modem is we are currently only getting about 7616 kbps download, and 384 kbps upload. I'm guessing this would make a difference for the remote person...
The speed which your ISP provides will also affect the speed of a VPN connection.
You can do a vpn with dynamic ips. Since your router is on 24x7, you won't lose the IP unless the isp is making network changes. I've only seen this happen once in about 2 years, so it's not a big deal. I have several fvs318n's doing site-to-site vpns using dynamics.
Bandwidth is going to be important dependent on what you'll be using the connection for. If you're going to be transfering huge files, bandwidth can be a real issue. If the remote user will only need access to large files at the home office, then you can have him remote desktop over the vpn to a system at the home office and work with the files that way. This is a configuration we use where we have paper scanned to our home office from several sites and then I view them remotely by rdping into a system at the home office. Even with only 4Mbit upload, I can work fairly well from almost 1000mi away.
These are just some ideas to start. Post up some more information about your workflow and I'm sure we can dial in a perfect solution. The fvs318n is a good unit to work with, even with its quirks.
VPNs can be done with dynamic addressing if a dynamic DNS provider (for example DynDNS) is used, however, upload speeds that low, will be a bit of a problem.
Whilst many ISPs will allow dynamically assigned address to remain unchanged for long periods, not all of them do, and there may also be events, outside of the subscriber's control that cause the address to change (for example, a power outage) - use of a DnyamicDNS provider allows the VPN to continue working without anyone having to change the configurations.
Yes, in some cases, you can run for weeks, months or years, without the address changing - I know, I have done it - but Murphy's law is of such that the address will change at the most inconvenient time, causing the VPN to fail - how do you plan to fix the problem from a thousand miles away?
I use VPNs for remote support - not using a Dynamic DNS provider is a risk I am unprepared to take.
That is a good point. I have someone at each endpoint that can give me a changed ip, and as a backup im able to call the isp and they give me the new address. Also, our network can survive 10m of downtime without someone dying, while others' networks may not be so flexible to failures.
Nope. The VPN links aren't in use after hours, so it would just be first thing in the am if there was an issue. It's been a complete non-issue for us, but in other appliations I could see how it could be a dealbreaker.
