Hi everyone!
I'm new to the business and I have to solve the following scenario:
I need to set up a VPN between a head office and a branch. This VPN should be of high availability, as every transaction performed in the branch should be authorized in the head office. So I need two Internet (Wan) connections on each end-point. I only have one branch, and the the required throughput is not big. There are about 20 PCs in the head office lan, and 10 in the branch.
Can anyone recommend me a hardware and configuration for this scenario?
I investigated a bit and found the Draytek Vigor2910 has the two Wan and VPN features, but I'm not complete sure if this is the right product for me (and we don't have the resources to afford buying the wrong hardware). I think of the following solution using this product, and would like you to confirm me if this can work or I need to choose other hardware and configuration:
1) Have one Vigor2910 on the head-office with two wans in a fail-over setup and configured with a DDNS server so I can reach it from outside using always the same DNS address regardless the WAN that is actually connected with. This router should be set up as dial-in VPN server.
2) Have another Vigor2910 on the branch with two wans in a fail-over setup and configured with a DDNS server so it can authenticate to the VPN regardless the WAN that is actually connected with. This router should be set up as dial-out VPN client and "always-on".
Do I have everything covered with this or I am missing something? I'm concerned about:
A) If head-office primary WAN fails and VPN brakes, will this router automatically fail-over the secondary WAN and the branch connect to the VPN again?
B) If branch primary WAN fails and VPN brakes, will this router automatically fail-over the secondary WAN and automatically dial-out to the VPN server again?
C) When a router is working on the secondary WAN (because of a primary wan failure), when will it restore to the primary WAN connection?
D) Will LAN users on both sides be able to navigate normally on the internet while the VPN is established?
I know there are lot of questions and I appreciate your time to read this.
Thanks very much!
I'm new to the business and I have to solve the following scenario:
I need to set up a VPN between a head office and a branch. This VPN should be of high availability, as every transaction performed in the branch should be authorized in the head office. So I need two Internet (Wan) connections on each end-point. I only have one branch, and the the required throughput is not big. There are about 20 PCs in the head office lan, and 10 in the branch.
Can anyone recommend me a hardware and configuration for this scenario?
I investigated a bit and found the Draytek Vigor2910 has the two Wan and VPN features, but I'm not complete sure if this is the right product for me (and we don't have the resources to afford buying the wrong hardware). I think of the following solution using this product, and would like you to confirm me if this can work or I need to choose other hardware and configuration:
1) Have one Vigor2910 on the head-office with two wans in a fail-over setup and configured with a DDNS server so I can reach it from outside using always the same DNS address regardless the WAN that is actually connected with. This router should be set up as dial-in VPN server.
2) Have another Vigor2910 on the branch with two wans in a fail-over setup and configured with a DDNS server so it can authenticate to the VPN regardless the WAN that is actually connected with. This router should be set up as dial-out VPN client and "always-on".
Do I have everything covered with this or I am missing something? I'm concerned about:
A) If head-office primary WAN fails and VPN brakes, will this router automatically fail-over the secondary WAN and the branch connect to the VPN again?
B) If branch primary WAN fails and VPN brakes, will this router automatically fail-over the secondary WAN and automatically dial-out to the VPN server again?
C) When a router is working on the secondary WAN (because of a primary wan failure), when will it restore to the primary WAN connection?
D) Will LAN users on both sides be able to navigate normally on the internet while the VPN is established?
I know there are lot of questions and I appreciate your time to read this.
Thanks very much!