Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

MPLS V Sonicwall VPN

  • 23-07-2009 9:33am
    #1
    Registered Users, Registered Users 2 Posts: 428 ✭✭


    Don't know if I am explaining this correctly, here goes anyway. I have 20 locations of varying sizes, currently using sonicwalls to vpn into main site. I have approx 20 more very small locations 1 or 2 users in each, to add to the vpn. do I just add more sonicwalls or should I look at MPLs (BIP from Eircom) and BIP Reach (lower cost) for the smaller locations. Big question I know, any leads would be greatfully received.
    Tagged:


Comments

  • Closed Accounts Posts: 627 ✭✭✭preilly79


    if the sonicwall is working for existing sites then no real need to change. you will want to check how many tunnels your core sonicwall is licensed for however.


  • Registered Users, Registered Users 2 Posts: 428 ✭✭ROS123


    Thanks for that, I think it can take up to 50.


  • Registered Users, Registered Users 2 Posts: 7,265 ✭✭✭RangeR


    Do you need QOS guarantees? If so, then go MPLS. There is no QOS over the interweb, VPN or not.


  • Registered Users, Registered Users 2 Posts: 2,534 ✭✭✭FruitLover


    Really comes down to cost effectiveness IMO - I'd be surprised if MPLS connections would be worth it for the small sites.

    If reliability, QoS, etc are a concern though, there's nothing stopping you having a mix - the larger sites on MPLS, with the smaller sites connecting to the MPLS via a hub Sonicwall. No harm in getting an estimate from Eircom or whoever.


  • Registered Users, Registered Users 2 Posts: 428 ✭✭ROS123


    qos is a factor, overall cost is a factor, thats why I was considering bip reach (lower cost) for the small locations.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,562 ✭✭✭Snaga


    Do you supply internet access to each site via the same BB link?

    If so - changing to a BIP solution means either getting a dedicated Internet link or routing all of your internet traffic via a core site - so you might need a larger symmetric connection on that site.


  • Registered Users, Registered Users 2 Posts: 1,884 ✭✭✭Rattlehead_ie


    In the long term and looking into the future, I would go MPLS, either Eircom or FWA or a mix. ALl it takes would be a very simple basic cisco or juniper etc on each site and u wouldn't have to worry about long term licensing etc from sonicwall which in my opinion don't scale very well.


  • Registered Users, Registered Users 2 Posts: 55 ✭✭johnmd


    Yes MPLS will be a better option with regards to QOS,but you should be able to get a decent enough result if you can at least try some of the following.

    1.Get contention free broadband on each site.
    2.Keep all of the connections with the same isp where possible.
    3.On the central site remember your upload will be their download so if you can get the best upload options possible,or perhaps a few dsls bonded that would give you decent uploads.
    4.If all of the connections are based in Ireland then most if not all of these ISPs will inter route traffic accross the INEX in Dublin so latency shouldn't be to much of an issue.
    5.FIrewall down the local LAN to WAN policy on each site and ideally inside each vpn as well if possible.

    Magnet business do some decent contention free offerings with QOS On there for Voip as well,as do Irishbroadbands contention free packages.

    You may find you can get a better bang for your buck this way.


  • Registered Users, Registered Users 2 Posts: 2,534 ✭✭✭FruitLover


    Might be possible to get around the 'central site' bottleneck using a full or partial VPN mesh. Some VPN devices (e.g. Juniper) can even run routing protocols across tunnels.


Advertisement