03-17-2010 12:29 PM - edited 03-04-2019 07:50 AM
Hi Guys, I'm new here and a bit new to networks as well, so here is a basic question that I have and I was looking for some help.
I work for a small company with 2 offices, currently both connected with DSL connections and we have an appliance that provides routing and a VPN tunnel between both offices. Unfortunatelly this is not enough anymore and I was thinking to update both offices to a T1 connection, now the question:
Is it possible to setup the routers to create the VPN tunnel? like set them up to only see each other (and their subnets in the other sides)? if I do this way do I still need a firewall on this T1 connection ? (The idea is keep both DSLs for internet and the T1 just to internal data).
Thanks a lot!
Solved! Go to Solution.
03-17-2010 02:15 PM
Kev...... wrote:
Hi Guys, I'm new here and a bit new to networks as well, so here is a basic question that I have and I was looking for some help.
I work for a small company with 2 offices, currently both connected with DSL connections and we have an appliance that provides routing and a VPN tunnel between both offices. Unfortunatelly this is not enough anymore and I was thinking to update both offices to a T1 connection, now the question:
Is it possible to setup the routers to create the VPN tunnel? like set them up to only see each other (and their subnets in the other sides)? if I do this way do I still need a firewall on this T1 connection ? (The idea is keep both DSLs for internet and the T1 just to internal data).
Thanks a lot!
Kevin
If you are connecting your internal sites via T1 then you may well not need to use a VPN at all, many companies don't because in effect it is private line between your 2 sites and so there is no need to encrypt the data
You had a VPN on your DSL lines because then your inter-site traffic would be going over the Internet which is anything but private.
However if you wanted to you could use the routers , with the right feature set, to create a VPN across the T1 and you wouldn't necessarily have to firewall it as long as you are firewalling the Internet connection.
Jon
03-17-2010 02:15 PM
Kev...... wrote:
Hi Guys, I'm new here and a bit new to networks as well, so here is a basic question that I have and I was looking for some help.
I work for a small company with 2 offices, currently both connected with DSL connections and we have an appliance that provides routing and a VPN tunnel between both offices. Unfortunatelly this is not enough anymore and I was thinking to update both offices to a T1 connection, now the question:
Is it possible to setup the routers to create the VPN tunnel? like set them up to only see each other (and their subnets in the other sides)? if I do this way do I still need a firewall on this T1 connection ? (The idea is keep both DSLs for internet and the T1 just to internal data).
Thanks a lot!
Kevin
If you are connecting your internal sites via T1 then you may well not need to use a VPN at all, many companies don't because in effect it is private line between your 2 sites and so there is no need to encrypt the data
You had a VPN on your DSL lines because then your inter-site traffic would be going over the Internet which is anything but private.
However if you wanted to you could use the routers , with the right feature set, to create a VPN across the T1 and you wouldn't necessarily have to firewall it as long as you are firewalling the Internet connection.
Jon
03-18-2010 07:15 AM
Hi Jon, thanks a lot for the reply.
Just one more question, if I want to make those T1s private, Do I have to get them from the same ISP to set that up ? Or can I get them with different ISPs and set the configs in the routers ?
Thanks again !
03-18-2010 07:22 AM
Kevin
A T1 is a private leased point-to-point connection so you would get it from just one SP. There is nothing to stop you using 2 SPs and having 2 T1s for redundancy/backup but each T1 will belong to just one SP.
Jon
03-19-2010 07:05 AM
Hi Jon,
I meant we have 2 locations, like one office in Ontario and one in PA(US), so in this case I need a T1 for each office right ? and to be able to interconnect the 2 offices without a VPN and Firewall both T1 would have to be from the same SP or I can get it trought diferent SP and set those configs myself ?
Thanks again Jon, I'm still trying to undestand those concepts
03-19-2010 07:59 AM
Sorry to chime in here..
Seems like you would end up heavy on the financial end.
Normally a leased line is recommended for short distance !
Would recommend another VPN over internet for your private LAN or even services like Frame Relay !
03-22-2010 08:41 AM
Thanks a lot for the help guys !
Do you know a link where I can get those connections explained? I'm lost with those T1s, Frame Relays, Leased Lines, etc.
(I did search wikipedia and google, but their explanation is very techy, I need to find out something more business oriented, like what should I use to connect 2 small offices )
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide