SCENARIO:
I have 3 offices in 2 cities. The main office is where I have my DC, DHCP, DNS, Web, Database, Firewall, etc. I would like my other office computers to connect to my DC for authentication and have my DHCP issue IP addresses. This way if there are any problems I can VNC to them and fix any issues. I also want to manage antivirus and other software at the server level as well as computer and network monitoring.
The solution of course is site-to-site VPN. (Am I right?)
My question is, I am looking at several Cisco models; RVS400, RV042, RVL200, RV082. I am on a budget.
I would like the computers to connect behind the scenes without any user interaction, in a way that will emulate (or simulate) the client logging on to his/her computer and authenticating to our home office DC, similar to a server that is right next to them. I hope I explained that correctly.
I also read that you can do this setup with a Linksys WRT54GL Router. If this is so, what would be the main difference/advantage of Linksys and Cisco equipment?
Thanks for the help. I have some knowledge of VPN but not at this scale. So this is also a learning experience for me as well as gaining and expanding my knowledge. Thanks.
Yes, you do want a site-to-site vpn setup. I'd suggest that you determine how much growth you want to allow for (number of sites) then buy a model that will support that number of simultaneous tunnels. I'd also buy identical models as minor variations or different products can cause integration issues.
example:
Code:
I have 3 sites currently so if I connect them in a hub and spoke topology I'll need to handle 2 simultaneous tunnels at the hub
[office_B]-------[office_a(hub)]-----[office_C]
We may be partnering with OppositionX and they have 3 offices, so if we're still the hub we'll need to be able to support 5 simultaneous tunnels - I'll allow for 8 just in case.
So determine which products support 8 simultaneous tunnels, pick one and buy 4 of them ( 1 spare for quick recovery ). Update them to the latest firmware, configure the hub first followed by the remote end/s.
The choices between products that you've given are not really ideal as Cisco bought Linksys, but I'd probably choose a Cisco branded one as they're traditionally targeted more at business than home (may have changed).
If I understand this, Office A, B, and C will have its own tunnel to Office M (Main Office). So the Main Office needs to handle multiple tunneling while the other offices just need one tunnel. The Offices DO NOT need to interact with each other.
So I figure the main office (M) will use Cisco Small Business RV082 Dual WAN VPN Router and Office A, B, and C can use Linksys WRT54GL Router and reconfigured for VPN both wireless and wired.
QUESTION: Will VPN Tunnel be used for web browsing as well since my gateway/firewall is at the home office? Or will it still go through ISP at the office location?
The equipment price, configuration, security, and management fit well with my budget. Any suggestions, comments, maybe approval (lol), or questions would be greatly appreciated. Again, thanks for the info.
If you want internet browsing to go via head office you'll probably need to have a proxy and configure all the clients to use it. The usual vpn config will only redirect traffic for the head office subnet over the vpn connection - everything else will be routed normally.
It may be possible to force all traffic over the vpn connection but you'll need to Read The Fine Manual for the product you buy.
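The difference between the usual configuration and forcing all traffic over the tunnel, shown as an added example that is not part of the thread: a longest-prefix-match lookup over a branch router's routing table in both modes. All addresses and interface names are constructed for illustration and do not come from any product mentioned above.

```python
import ipaddress

# Constructed addressing plan for illustration (not from the thread).
BRANCH_LAN = "192.168.10.0/24"
HEAD_OFFICE_LAN = "10.0.0.0/24"
HUB_PUBLIC_IP = "203.0.113.1"      # head office router's WAN address


def branch_routes(full_tunnel):
    """Return the branch router's routing table as (network, interface) pairs."""
    routes = [
        (BRANCH_LAN, "lan"),
        (HEAD_OFFICE_LAN, "vpn"),
    ]
    if full_tunnel:
        # Default route into the tunnel; the hub's public address keeps a
        # host route via the ISP so the encrypted tunnel packets can leave.
        routes += [("0.0.0.0/0", "vpn"), (HUB_PUBLIC_IP + "/32", "wan")]
    else:
        # Usual site-to-site setup: everything else goes out the local ISP.
        routes.append(("0.0.0.0/0", "wan"))
    return [(ipaddress.ip_network(net), iface) for net, iface in routes]


def egress(routes, destination):
    """Pick the outgoing interface by longest-prefix match."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, iface) for net, iface in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def bypasses_head_office(routes, destinations):
    """Destinations that leave via the local ISP, unseen by the hub firewall."""
    return [d for d in destinations
            if egress(routes, d) == "wan" and d != HUB_PUBLIC_IP]


if __name__ == "__main__":
    sample = ["10.0.0.5", "192.168.10.7", "198.51.100.25", HUB_PUBLIC_IP]
    for mode in (False, True):
        table = branch_routes(mode)
        print("full tunnel" if mode else "split tunnel")
        for dst in sample:
            print(f"  {dst:15} -> {egress(table, dst)}")
        print("  bypassing head office:", bypasses_head_office(table, sample))
```

In the split-tunnel table, web traffic from the branch never reaches the head office gateway/firewall, so any filtering or logging done there does not apply to it.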