Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Site to Site VPN HW or SW?

Options
  • 26-02-2010 9:56pm
    #1
    Cryos
    Registered Users Posts: 816 ✭✭✭


    Hi Guys,

    Thought id throw this out to a couple of the experts, i have been asked by a family friend who is now doing M&A on a company located in Belfast. The main company is based here in dublin.

    The belfast office caters for about 25 People with 25 Desktops/Laptops, 1 Server (simple file and print with DC) which is backed up to a SaaS provider.

    Office is on a 10mb BT Business line (1mb upload) and has a static IP allocated.

    Dublin office is currently running recently upgraded 8mb eircom broadband with static IP (yearly cost), upload seems around 650 to 740 depending on the day, eircom sales are sending out an engineer to see if he can avail of the new 12mb Down 2mb Up pack.

    As apart of the M&A activity there is a need to link the two sites in order to centralise data to Sharepoint and the local exchange environment, with a RODC sitting in belfast only, Print server will be handled by the HP Universal Print software on the machines when they are rebuilt.

    Dublin has a Cisco Pix 506E VPN device for staff to vpn in and get email etc.., ive looked to try get another but Device seems to be EOL.

    So as a Microsoft Enterprise Admin for my day to day this would be a job for ISA Server 2006, but id like to avoid having a box sitting up there if at all possible. (For cost and maintenance purposes)

    My thought process was to try aquire another Cisco 506E and attempt to do a Site to Site VPN, my problem with this from the last time i played with this scenario is that if someone in belfast decides to look at stuff on the net it comes through dublin and uses that internet connection.

    Is it possible using the Cisco 506E to Link the sites, but state that say draffic destined for 10.1.1.x should traverse the VPN while other traffic should just go through the DSL router and out on the net (specifically the business uses Salesforce , so i would like to use their own Broadband on each site rather than traverse the links).

    Ive been given €1200 to play with, Suggestions and direction is most welcome and thanks in advance.


Comments

  • Options
    #2
    accensi0n
    Registered Users Posts: 2,746 ✭✭✭accensi0n


    Can you post up the previous configs that were causing traffic destined for the net to go across the vpn?


  • Options
    #3
    Tomtata
    Registered Users Posts: 227 ✭✭Tomtata


    Yes you can do exactly what you described - with €1200 I would recommend getting yourself a pair of Cisco ASA 5505's Link -> Your Eircom & BT modems setup as bridges and configure the ASA's accordingly

    Also the Cisco Pix 506E is End of Life for a good while now so would be worth replacing.


  • Options
    #4
    Rew
    Moderators, Sports Moderators Posts: 8,679 Mod ✭✭✭✭Rew


    I do this between 5520, a 5505 and a Juniper SSG520. Works well let me know if you need config help.


Advertisement