What's new

VPN recommendation

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Barry Webb

New Around Here
Hi.

I'm new to the forums but I've been looking over some of the articles and they are of very high standard. I have high hopes that someone can guide me on the right path!

I am setting up a small telephone system, a Norel BCM 50. Basically a Linux appliance with telephony bolted on. As well and the more traditional digital phones, you can also use IP phones. I'm trying to use a Nortel ip2004 .I am looking to add one or more of these phones to remote locations. The main office has a DSL line with static IP. The remotes will have either DSL or cable with, if possible, dynamic IP, because it's cheaper! Nortel being Nortel have made the process as difficult as possible by allowing NAT. I have been told that I need to setup a VPN. No problem except I have no experience with VPN. I know basically what it does but that's it.

I'm looking for suggestions at to appropriate equipment. I'll need something that is totally self-contained (VPN end point) as this is not a typical network scenario with servers at one end and clients at the other.

Any help would be very much appreciated.
Thanks
Barry
 
Welcome to the forums. Lots of ways to do VPN's. Essentially, you just need hardware or software at each end of the equation that can establish a VPN session/tunnel to the other end.

You say it's not a typical client/server environment, and you need something fairly self-contained. You're probably looking at some sort of hardware solution that each site can plug and play. Software solutions are good and fine, but typically require a PC, which wont help your phones very much, at least not without reconfiguration. What you probably want is a simple end-user router than can support VPNs. What I've currently rolled out at my office is a bunch of Linksys BEFVP41's, which are a version of Linksys' basic little 4 port routers that support VPN functionality. These tunnel into our head office into a Cisco. But just about anything at your main site that can also support a VPN tunnel will do. This solution is pretty straight forward and inexpensive. This is pretty much what we do for our field sites and it works pretty painlessly (our field staff are not technically inclined). I've managed a few networks of very similar nature (IP telephony) and this is usually what we would do when connecting the phone directly to the PBX was not an option (I know nortels can be weird like this). Just keep in mind latency over a VPN can sometimes be an issue for IP telephony.

One wild card is dynamic IPs. Not all VPNs play nicely with dynamic IP's. Some VPN's require static IP's at each end, but not all do. Many will let you get away with dynamic DNS addresses assigned to the site. A bit of research beforehand can help determine what's necessary.
 
Hi and thanks for the quick response.

I thought there would probably be an inexpensive LinkSys solution. I've bought a couple of BEFSX41 routers off eBay to play around with. Off hand, I don't know the difference between the 2 types. I'm also looking at the LinkSys RV042. Do you know of any reason why say he BEFSX41 or RV042routers won't work?

Currently I have the Nortel BCM50 connected via cable to a LinkSys wireless router. The DSL connection has a static IP. I can connect the Nortel ip2004 to the wireless router and it's smart enough to automatically make the necessary connection. So, I'm hoping that so long as I can create an extension of the network in the office at a remote location, I should be able to get the phone to work. I agree that latency could present some problems but I'll keep my fingers crossed. Ultimately I'll have static IP and all ends and this should make matters simpler.

In the remote locations, we need an remote to office VPN plus general Internet connectivity. Using a VPN router doesn't preclude me from connecting a wireless router to one of the VPN routers ports does it? I don't want to wind up with an all or nothing VPN connection if you catch my drift.

Again, thanks for your help.
Barry
 
Hi and thanks for the quick response.

I thought there would probably be an inexpensive LinkSys solution. I've bought a couple of BEFSX41 routers off eBay to play around with. Off hand, I don't know the difference between the 2 types. I'm also looking at the LinkSys RV042. Do you know of any reason why say he BEFSX41 or RV042routers won't work?

Currently I have the Nortel BCM50 connected via cable to a LinkSys wireless router. The DSL connection has a static IP. I can connect the Nortel ip2004 to the wireless router and it's smart enough to automatically make the necessary connection. So, I'm hoping that so long as I can create an extension of the network in the office at a remote location, I should be able to get the phone to work. I agree that latency could present some problems but I'll keep my fingers crossed. Ultimately I'll have static IP and all ends and this should make matters simpler.

In the remote locations, we need an remote to office VPN plus general Internet connectivity. Using a VPN router doesn't preclude me from connecting a wireless router to one of the VPN routers ports does it? I don't want to wind up with an all or nothing VPN connection if you catch my drift.

Again, thanks for your help.
Barry

You should be good to go with either of the products your looking at. The RV series is a bit more of a business grade unit, and as such might be a bit of a better choice, especially factoring in QoS (see below). But either should do. Besides their VPN capabilties, they act as a normal router otherwise, so you can hang wireless or other switches off the routers to your heart's content.

Once the VPN is established, the routers will essentially treat the remote networks as local, so your PBX should connect without issue. Just remember that each remote site needs to be on its own subnet (i.e. main branch - 192.168.1.X, second offce 192.168.2.X, third office 192.168.3.X).

The RV0 might also be a better choice for QoS for the phones, and making sure they have priority. If you have a bunch of other traffic going over the VPN, it'll do a pretty good job of killing your call quality if people are on the phone.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top