Orbi WiFi 7 RBE973
Reply

Suggestions for Network Architecture

Damo80
Aspirant

Suggestions for Network Architecture

Hello,

 

Would anyone out there be able to suggest what would be the best setup for a small business network with a remote office, and external salesperson?

 

The primary office is currently using a DGND3700v1, we have 3 PC's connected via Wireless, 2 PC's via Ethernet, 1 Printer via ethernet\wireless, and 1 x FreeNas file server.

 

We are about to office a remote office, as well as looking at access for the external salesperson to access the files server.

 

The budget isn't big, and I don't think it needs to be, and something that is simple to keep an eye on would be good as well.

 

The suggested setup would have to be able to handle the following:-

 

Primary Office:-

4-7 Max PC's via Ethernet & Wireless

1 x Printer

 

Remote Office:-

2 x PC's Preference is Wireless, but Ethernet as well

1 x Printer

 

Sales Person:-

1 x PC remote access.

 

Suggestions and idea's are welcomed.

 

Thanks.

Message 1 of 12
DaneA
NETGEAR Employee Retired

Re: Suggestions for Network Architecture

Hi Damo80,

 

You may want to consider the FVS318N which is a Wireless N VPN Firewall for your main office.  You can set up a client-to-box IPSec VPN on the firewall so that the external salesperson from the remote office could have access on the file server located in the main office.  You could have both wired and wireless connection through the FVS318N as well.  Kindly check its specifications here.

 

Kindly check this link about client-to-box IPSec VPN configuration.

 

Welcome to the community!

 

 

Regards,

 

DaneA
NETGEAR Community Team   

Message 2 of 12
Damo80
Aspirant

Re: Suggestions for Network Architecture

Thanks for that Dane,

 

There was something that I left off. We have get a Dynamic IP from our ISP, is this an issue.

 

Another thing that has been raised by a friend is VPN's need descent upload speeds, what I got from our modem is we are currently only getting about 7616 kbps download, and 384 kbps upload. I'm guessing this would make a difference for the remote person...

 

Thanks.

Message 3 of 12
DaneA
NETGEAR Employee Retired

Re: Suggestions for Network Architecture

Hi @Damo80,

 


@Damo80 wrote:

There was something that I left off. We have get a Dynamic IP from our ISP, is this an issue.


The best practice is to have a public static WAN IP Address from the ISP.

 


@Damo80 wrote:

Another thing that has been raised by a friend is VPN's need descent upload speeds, what I got from our modem is we are currently only getting about 7616 kbps download, and 384 kbps upload. I'm guessing this would make a difference for the remote person...


The speed which your ISP provides will also affect the speed of a VPN connection.

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 4 of 12
SamirD
Prodigy

Re: Suggestions for Network Architecture

You can do a vpn with dynamic ips.  Since your router is on 24x7, you won't lose the IP unless the isp is making network changes.  I've only seen this happen once in about 2 years, so it's not a big deal.  I have several fvs318n's doing site-to-site vpns using dynamics.

 

Bandwidth is going to be important dependent on what you'll be using the connection for.  If you're going to be transfering huge files, bandwidth can be a real issue.  If the remote user will only need access to large files at the home office, then you can have him remote desktop over the vpn to a system at the home office and work with the files that way.  This is a configuration we use where we have paper scanned to our home office from several sites and then I view them remotely by rdping into a system at the home office.  Even with only 4Mbit upload, I can work fairly well from almost 1000mi away.

 

These are just some ideas to start.  Post up some more information about your workflow and I'm sure we can dial in a perfect solution.  The fvs318n is a good unit to work with, even with its quirks.

Message 5 of 12
fordem
Mentor

Re: Suggestions for Network Architecture

VPNs can be done with dynamic addressing if a dynamic DNS provider (for example DynDNS) is used, however, upload speeds that low, will be a bit of a problem.

Message 6 of 12
SamirD
Prodigy

Re: Suggestions for Network Architecture

This is true, but it also works fine without a dynamic dns provider.
Message 7 of 12
fordem
Mentor

Re: Suggestions for Network Architecture

Whilst many ISPs will allow dynamically assigned address to remain unchanged for long periods, not all of them do, and there may also be events, outside of the subscriber's control that cause the address to change (for example, a power outage) - use of a DnyamicDNS provider allows the VPN to continue working without anyone having to change the configurations.

 

Yes, in some cases, you can run for weeks, months or years, without the address changing - I know, I have done it - but Murphy's law is of such that the address will change at the most inconvenient time, causing the VPN to fail - how do you plan to fix the problem from a thousand miles away?

 

I use VPNs for remote support - not using a Dynamic DNS provider is a risk I am unprepared to take.

Message 8 of 12
SamirD
Prodigy

Re: Suggestions for Network Architecture

That is a good point. I have someone at each endpoint that can give me a changed ip, and as a backup im able to call the isp and they give me the new address. Also, our network can survive 10m of downtime without someone dying, while others' networks may not be so flexible to failures.
Message 9 of 12
fordem
Mentor

Re: Suggestions for Network Architecture

Ever needed to connect afterhours?

Message 10 of 12
SamirD
Prodigy

Re: Suggestions for Network Architecture

Nope.  The VPN links aren't in use after hours, so it would just be first thing in the am if there was an issue.  It's been a complete non-issue for us, but in other appliations I could see how it could be a dealbreaker.

Message 11 of 12
SamirD
Prodigy

Re: Suggestions for Network Architecture

24x7 support and someone on site 24x7.  Besides even 6hrs downtime wouldn't kill us.

Message 12 of 12
Discussion stats
  • 11 replies
  • 7390 views
  • 0 kudos
  • 4 in conversation
Announcements