1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

VPN with both point-to-point and client access

Discussion in 'VPN' started by Ozymandyus, Jun 13, 2018.

  1. Ozymandyus

    Ozymandyus Occasional Visitor

    Joined:
    Jan 2, 2018
    Messages:
    20
    Good day folks, I have what is hopefully a straightforward configuration I'm working on, but wanted to inquire about it here to see if there was an easier/more straightforward way to do it.

    My small company currently has only one physical location, and our IT resources are behind a Cisco RV325 load-balancing router. We will soon be placing a compute server in a co-location space, and want to have secure access to it. In our use scenario we will want seamless access from our main office, but also provide the ability for remote users to access the server via mobile workstations.

    The office-to-server part seems straightforward, I would be inclined to install a second RV325 in the colo and configure a point-to-point VPN between it and the one at our office. I don't have as much experience with individual remote clients in this scenario, however. Could we also have those clients setup on the RV325s? If so, I would appreciate suggestions on the best way to configure this.

    Alternatively, we are not married to the idea of using this particular hardware either. If another vendor has a solution that would work better for our situation, I'd be very open to using that instead.

    Thoughts and suggestions are greatly appreciated, thank you!
     
  2. Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!
  3. Ozymandyus

    Ozymandyus Occasional Visitor

    Joined:
    Jan 2, 2018
    Messages:
    20
    I'm surprised to see so many views but no commentary. Is there a different forum where it would be more appropriate for me to ask the question?
     
  4. umarmung

    umarmung Regular Contributor

    Joined:
    Apr 21, 2018
    Messages:
    172
    Maybe no one answered because the Cisco RVxxx small business routers have been End-of-Life for over a year and just 4 days ago are now End-of-SW maintenance: https://www.cisco.com/c/en/us/produ...wan-vpn-router/eos-eol-notice-c51-738763.html

    So, regardless of any other considerations, that's not a device anyone could recommend as either an Internet-facing router or security appliance.

    If you need a firewall appliance, a common recommendation in small businesses are Meraki MX series.

    However, if you only want an IPSEC VPN router, you won't get better peformance value than a Mikrotik RB1100AHx4 (or the Dude variant Dx4). Unlike a Meraki MX64, which can push a max of 100Mbps , an RB1100AHx4 can do symmetric Gigabit IPSEC forwarding, even with 256 tunnels and AES + SHA256.
     
    Ozymandyus likes this.
  5. Ozymandyus

    Ozymandyus Occasional Visitor

    Joined:
    Jan 2, 2018
    Messages:
    20
    Thank you Umarmung, that's exactly why I asked the question...I know I'm relatively ignorant, and wanted to see what people with more experience have to say. I'll take a close look at the Meraki and Mikrotik and see how they line up. For someone with no experience with those brands, would you say the instructions are sufficient to work out the configurations?
     
Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!