Best way to setup many branch offices

rjg.tech

rjg.tech

Member
Reaction score
6
Location
I live in Port Neches, TX, my shop is in Nederland
I have a client that wants to have a base office in one town and 20 satellite offices in a larger town 2 hours away.

The base office will be running a server with proseries tax software and some other insurance software. The branch offices will all be connected through VPN.

Do you guys have any suggestions on the best way you would do this. The router they already have can only create 5 tunnels.

Would RRAS work on server 2008?

Any help would be appreciated.
 
Ok. I am thinking about the Watchguard XTM 23w, it can have up to 50 VPN users with 55mps VPN throughput.

Once I get with the client to get more details about the branch offices I will know if I will need to setup site to site VPN or just have a VPN client on the computer connected back to the Watchguard.

Just brainstorming, I have about 6 months till they will need this done so I am just researching it out.
 
Seems site-to-site VPN would mean the main office would need a 20 VPN user capacity and then each branch office would need just a router that does VPN. Client-to-site would definitely mean getting a beefier VPN appliance for the main office, so it'd be interesting to see a cost-vs-cost analysis.
 
Yeah. Someone suggested that I look into terminal services for this endeavor that way pushing updates would be easy.

The site to site would be the way to go with VPN routers in each office, however the client may just be renting the lobbies of other business and using Verizon mifi cards for the internet. I am still trying to convince him that this won't be the best solution. If he did go this route we could setup each computer with a VPN client but I am not sure about the speed and reliability.
 
I would say that you have 2 options really.

1. you could use SBS 2008/2011 Premium and use the 2nd server license as a terminal server and then remote users could use remote web workplace to connect direct to the terminal server (no VPN Required)

2. look at a firewall for the main office which supports VPN's such as the watchguard series (I used to use them a couple of years ago) the were Very good but needed a frequent reboots on older firmwares but I think the XTM updates may have resolved them.

one other thing I would suggest is looking at backup internet connections as you will have a lot of remote users offline if your only internet connection fails.

Hope this helps

Rudger
 
Because of this, I would use terminal services. Very easy to setup and secure.
Client just renting, and using Verizon, i don't believe that a IPSEC/VPN tunnel is going to be a solution i would want to support giving the requirements.

Tunnel going up and down during use is going to make the customer feel you recommended the wrong solution.

My 2 cents


rjg.tech said:
Yeah. Someone suggested that I look into terminal services for this endeavor that way pushing updates would be easy.

The site to site would be the way to go with VPN routers in each office, however the client may just be renting the lobbies of other business and using Verizon mifi cards for the internet. I am still trying to convince him that this won't be the best solution. If he did go this route we could setup each computer with a VPN client but I am not sure about the speed and reliability.
Click to expand...
 
Have them buy lines from the Telco company and Cisco routers like most poor Government entities do.
 
You must log in or register to reply here.

Similar threads

HCHTech
Hot-Desking setup
Replies
0
Views
719
HCHTech
HCHTech
tek9
[SOLVED] IPsec VPN and FreePBX provisioning
Replies
4
Views
897
tek9
tek9
M
For a classified ads site, which module or what is the best way to go?
Replies
1
Views
987
gadgetfixup
gadgetfixup
thecomputerguy
Family friends son died unexpectedly and is out of options right?
Replies
15
Views
839
fincoder
fincoder
HCHTech
Best Practice scan-to-email setup?
Replies
6
Views
1K
Sky-Knight
Sky-Knight
Back
Top