VPN - help to building VPN networks
Hey,
I need your help building a VPN in my 4 locations: home and 3 stores. I have a database program installed on each store that I would like to connect to from home. I have used an RDP connection so far, but for security reasons I would like to give it up.
I don't have experience in creating VPNs, so tell me where to start?
I see it this way: in 3 locations (shops) - I run a VPN server (Ex. Zyxel USG20-w). At home, I create 3 connections on the computer, e.g. L2TP. The only problem I see is switching between stores.
Maybe i need to create a 'site to site' connection?
I hope that what I described is quite clear - if not, please ask.
All Replies
-
-
Thanks for the answer.
If I understood the configuration correctly:
Assuming home is my hub. I create Site-to-Site connections:
- HUB - SHOP
- HUB - SHOP2
- HUB - SHOP3
Then, it uses the VPN Concentrator functions
The next step is to create connections
- SHOP1 - HUB
- SHOP2 - HUB
- SHOP3 - HUB
Question:
- if I don't need connections between SHOP1-2-3 I don't create Policy Route ?
- What about securing the IPSec connection ?
- Is the USG20W-VPN suitable for all locations ?
- Are there any requirements for the internet provider? Currently, I have routers on my stores - I think all the traffic will have to be redirected to USG20W.
- Will Internet quality drop after such a VPN connection? in 3 locations I have more or less speed: Download: 120 Mb/s / Upload: 18 Mb/s
0 -
Can you draw out the network with LAN/WAN/IP subnets.
0 -
I don't want to share external addresses in the forum, but it looks something like this:
1 -
Your going to need to change the LAN IP for either shop3 or home as a tunnel to their will conflict.
So yes make tunnels from home to shop1-3 and shop1-3 to home with Nailed-Up checked.
You only need the Concentrator on home if shop 1 needs to connect to shop 2 by the tunnel.
1 -
OK I understand. How significantly the speed of the Internet will decrease after creating this type of VPN connection.
And, Am I able to do it on the USG20W-VPN model?
0 -
your speed will be limited but should do for what you need
The USG20W-VPN can make upto 10 IPsec VPN tunnels
0 -
Do you know why I ask? There are a lot of network devices on every shop - payment terminals, internet services, etc. It must work well. That is why it is important to me how much the speed of the Internet will drop?
0 -
Hi @mlik
The throughput dropping is highly related on what kind of application is used for certain testing and what encryption method will be implemented in your VPN tunnels (the encryption complexity difference). Moreover, if the UTM features (e.g. Anti-Virus) was enabled, the throughput will drop,too.
To your scenario, if what you need is purely for VPN services, USG20W-VPN is quite match to certain bandwidth requirement. However, to have more room for the additional features that may be implemented on your device. I will suggest to upgrade your main firewall to USG110.
By the way, for those major services that need to be guaranteed in the bandwidth, the Bandwidth Management function can fulfill certain requirement to have guaranteed bandwidth in the VPN tunnel.
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight