Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Basic Question: VPN / WAN

Hi Guys, I'm new here and a bit new to networks as well, so here is a basic question that I have and I was looking for some help.

I work for a small company with 2 offices, currently both connected with DSL connections and we have an appliance that provides routing and a VPN tunnel between both offices. Unfortunatelly this is not enough anymore and I was thinking to update both offices to a T1 connection, now the question:

Is it possible to setup the routers to create the VPN tunnel? like set them up to only see each other (and their subnets in the other sides)? if I do this way do I still need a firewall on this T1 connection ? (The idea is keep both DSLs for internet and the T1 just to internal data).

Thanks a lot!

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Basic Question: VPN / WAN

Kev...... wrote:

Hi Guys, I'm new here and a bit new to networks as well, so here is a basic question that I have and I was looking for some help.

I work for a small company with 2 offices, currently both connected with DSL connections and we have an appliance that provides routing and a VPN tunnel between both offices. Unfortunatelly this is not enough anymore and I was thinking to update both offices to a T1 connection, now the question:

Is it possible to setup the routers to create the VPN tunnel? like set them up to only see each other (and their subnets in the other sides)? if I do this way do I still need a firewall on this T1 connection ? (The idea is keep both DSLs for internet and the T1 just to internal data).

Thanks a lot!

Kevin

If you are connecting your internal sites via T1 then you may well not need to use a VPN at all, many companies don't because in effect it is private line between your 2 sites and so there is no need to encrypt the data

You had a VPN on your DSL lines because then your inter-site traffic would be going over the Internet which is anything but private.

However if you wanted to you could use the routers , with the right feature set, to create a VPN across the T1 and you wouldn't necessarily have to firewall it as long as you are firewalling the Internet connection.

Jon

6 REPLIES
Hall of Fame Super Blue

Re: Basic Question: VPN / WAN

Kev...... wrote:

Hi Guys, I'm new here and a bit new to networks as well, so here is a basic question that I have and I was looking for some help.

I work for a small company with 2 offices, currently both connected with DSL connections and we have an appliance that provides routing and a VPN tunnel between both offices. Unfortunatelly this is not enough anymore and I was thinking to update both offices to a T1 connection, now the question:

Is it possible to setup the routers to create the VPN tunnel? like set them up to only see each other (and their subnets in the other sides)? if I do this way do I still need a firewall on this T1 connection ? (The idea is keep both DSLs for internet and the T1 just to internal data).

Thanks a lot!

Kevin

If you are connecting your internal sites via T1 then you may well not need to use a VPN at all, many companies don't because in effect it is private line between your 2 sites and so there is no need to encrypt the data

You had a VPN on your DSL lines because then your inter-site traffic would be going over the Internet which is anything but private.

However if you wanted to you could use the routers , with the right feature set, to create a VPN across the T1 and you wouldn't necessarily have to firewall it as long as you are firewalling the Internet connection.

Jon

New Member

Re: Basic Question: VPN / WAN

Hi Jon, thanks a lot for the reply.

Just one more question, if I want to make those T1s private, Do I have to get them from the same ISP to set that up ? Or can I get them with different ISPs and set the configs in the routers ?

Thanks again !

Hall of Fame Super Blue

Re: Basic Question: VPN / WAN

Kevin

A T1 is a private leased point-to-point connection so you would get it from just one SP. There is nothing to stop you using 2 SPs and having 2 T1s for redundancy/backup but each T1 will belong to just one SP.

Jon

New Member

Re: Basic Question: VPN / WAN

Hi Jon,

I meant we have 2 locations, like one office in Ontario and one in PA(US), so in this case I need a T1 for each office right ? and to be able to interconnect the 2 offices without a VPN and Firewall both T1 would have to be from the same SP or I can get it trought diferent SP and set those configs myself ?

Thanks again Jon, I'm still trying to undestand those concepts

Re: Basic Question: VPN / WAN

Sorry to chime in here..

Seems like you would end up heavy on the financial end.

Normally a leased line is recommended for short distance !

Would recommend another VPN over internet for your private LAN or even services like Frame Relay !

New Member

Re: Basic Question: VPN / WAN

Thanks a lot for the help guys !

Do you know a link where I can get those connections explained? I'm lost with those T1s, Frame Relays, Leased Lines, etc.

(I did search wikipedia and google, but their explanation is very techy, I need to find out something more business oriented, like what should I use to connect 2 small offices )

272
Views
0
Helpful
6
Replies