Networks

Question

Gravatar
0 Votes
Locked

Site-to-site VPNs in four locations

By blathan ·
What?s up everyone?
I administer a network that recently added two more locations. I need to have the three locations on the same domain, and they all need to use outlook email for our exchange server that is not administered by me.
The hardware for the VPNs is three Netgear FVS318v3's.
I had some questions regarding setting up site-to-site vpns for four different locations. I have never done any of this before so ive been reading up and I am pretty sure I have the general concept down.
The DC and File/Print server are located at my main site, two remote sites have no servers on location, and one site has the exchange server (administered by someone else). From what I understand, if I setup vpns, I will be able to join the remote workstations at the two sites to the domain at the main site(hawaii.usvetsinc.org) and function as if the servers were on location. Is this correct? Do I set the vpn to point to the DC's IP address or the network address?
My other question is this; our exchange server is also at a remote location and is a member of the same parent domain (usvetsinc.org). If I setup a VPN tunnel from my main site to the exchange server (and make it a trusted domain), will that give the other two sites that are vpn'd to my main site (and members of the domain) access to the exchange server, or do I have to setup additional VPN tunnels for the other two sites directly to the exchange server?
Lastly, how reliable is this configuration? I assume that everyone who has a domain with remote locations uses similar configurations, so does the connection drop or timeout often? I don?t really want to be making frequent trips to keeps things up and running.
I would really appreciate your guys' help with this, like I said this is new to me and it?s hard to find specific answers by just searching. Sorry for the long post.

Branden

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

gravatar
Collapse -

site to site VPN

by lwinfrey In reply to Site-to-site VPNs in four ...

I'll give you an example of what will work. :)
We have 5 sites with an internet connection at each site. We put a 3com router at each site.
I am using DVPN - but this should work the same regardless of protocol.
4 of the routers have tunnels connected to the router at the main site - there is a virtual tunnel interface on each router. Each virtual interface has an ip in the same subnet.
I added static routes to each router so that the subnets at each site can be reached via the tunnel interface.
The subnets at the sites are:
192.168.51.0/24
192.168.52.0/24
192.168.53.0/24
192.168.54.0/24
192.168.55.0/24
The subnet that all the tunnels connect to is:
192.168.50.0/24
the last octets for tunnel interfaces are 1,2,3,4,5.

i.e. - at the .55 site - the tunnel interface is .5, and a static route to .51 network goes out the tunnel interface.

The tunnel is encrypted - so there are no filters... all traffic is routed and clients see the server as if they are connected to the same physical network.

Back to Networks Forum

Start or search

Related Discussions

Related Forums