| picard 2004-11-08, 5:45 pm |
| RedRyder,
Thanks for the detailed descrition of the scenario. It has really
helped me understand are things are supposed to work. I sure hope
somebody responds. If not, try the newsgroups at www.dslreports.com
Now for an extension of the scenario....
Assume somebody is in a hotel room that gets an IP address via DHCP on
the hotel network. The notebook has Netgear VPN01L VPN client software
on it. Could this VPN client software be configured to establish the
VPN connection independent of the IP address given by DHCP?
thanks!!
RedRyder <redryder@null> wrote in message news:<10otcpkk1mtqc03@corp.supernews.com>...
> I need some advice on a vpn setup we're thinking of implementing.
> My questions are at the bottom of this post.
>
> Here's the scenario:
> We have 3 offices and 2 remote users that need access to the 3 offices.
> The 3 offices need to be connected on a seemless vpn with at least one
> of the office's routers set up to facilitate remote users. Each of the
> offices are currently connected to the Internet using business
> (highspeed) dsl lines. The routers need to handle all the vpning
> between offices so it appears that the 3 offices are just one seemless
> LAN. (we're going to be mapping drives between offices) When a remote
> user connects to any of the three offices they will have get assigned an
> ip in that office's range. (example: If Office A has an ip range of
> 192.168.0.2-192.168.0.49, it will assign the remote user an available ip
> in that range or possibly an ip from a small portion of that range
> reserved for only remot users. After the remote user has connected he
> will be able to access the 3 office vpn'd "lan".
>
> Here's my idea for implementing this...
>
> Replace the current routers at each office location with a Netgear
> FVS318 or comparable. (http://www.netgear.com/products/details/FVS318.php)
>
> Setup the router at Office A to have an internal IP of 192.168.0.1
> Setup machines at Office A to have ips in the range of
> 192.168.0.2-192.168.0.49 and the Internet gateway set as 192.168.0.1
>
> Setup the router at Office B to have an internal IP of 192.168.0.51
> Setup the machines at Office B to have ips in the range of
> 192.168.0.52-192.168.0.99 and an Internet gateway address of 192.168.0.51
>
> Setup the router at Office C to have an internal IP of 192.168.0.101
> Setup the machines at Office C to have ips in the range of
> 192.168.0.102-192.168.0.149 and an Internet gateway address of 192.168.0.101
>
> Summary:
> Office A
> Router IP:192.168.0.1
> Machine's Ips: 192.168.0.2-192.168.0.49
>
> Office B
> Router IP:192.168.0.51
> Machine's Ips: 192.168.0.52-192.168.0.99
>
> Office C
> Router IP:192.168.0.101
> Machine's Ips: 192.168.0.102-192.168.0.149
>
> Now for connecting them.
>
> There are 2 way's to do this. Office B and C can connect to A. The only
> problem I see with this is that files getting transfered between Office
> B and C would get routed through A.
> Would it work for each router to connect to the other 2? example:
> Router A creates tunnels to B and C. Router B creates tunnels to A and
> C. Router C creates tunnels to A and C.
> If this setup is possible it has the advantage of being relatively "fail
> safe" -if Office A's connection goes down, Offices B and C can still be
> connected.
> The remote users will be running Netgear's vpn client software and
> connecting to office A----the remote users part is not important right
> now, it can be worked out later.
>
> Ok. Congrats on reading this far! =) Here's my question: Do you see any
> potential problems with this setup? Can the Netgear Fvs318 routers do
> this? Any comments or tips would be GREATLY appreciated.
>
> Thanks for reading!
>
> -RedRyder
|