Remote Network Consulting / VPN Setup

I

infect0

[H]ard|Gawd
Joined
Oct 15, 2006
Messages
1,677
Does anyone know any company / person who wants to make a few bucks helping out setup a VPN site to site? We have an server 08 machine needing to get setup as a client to a remote peer. Beyond my scope as a database guy and we just need to get it finished.
 
Hi to clarify you want a VPN between two Windows Server 2008 machines using the VPN features in the OS, e.g. no hardware firewalls involved?
 
What brand equipment you have on both ends? (meaning routers...make/model/and licensing if applicable).
 
I think the hamachi vpn stuff from logmein is supposed to be pretty easy to setup. If you are looking for other options, I'd really suggest doing it in hardware rather than software.
 
I do this kind of thing for a living, would be interested in helping out. Send me a MSG.
 
If you are open to the platform, or have existing firewalls in front of both machines, I could probably help.
 
Location South Carolina.

Client is running Cisco ASA. Wanting to setup site-to-site vpn connection.

We run all of our production servers in AWS cloud.

There is no native firewall/vpn service as part of AWS. The best AWS can offer is something called VPC. Until recently it only supported BGP and from what I understand even static routing is hard to get running correctly. The only other option is create a VPC (private subnet for virtualized instances running on amazon) and then setup a linux (or whatever OS) instance running something like OpenSwan to run the IPsec tunnel. I am having a terrible time getting everything setup with OpenSwan and there is really limited documentation online on success stories such as this. Usually people are setting up the VPN between their datacenter and then cloud resources, giving them much more controll through the entire process.
 
Why not setup a Vyatta instance in Amazon's cloud and then do ipsec site-to-site between the ASA and Vyatta.
 
joshu said:
Why not setup a Vyatta instance in Amazon's cloud and then do ipsec site-to-site between the ASA and Vyatta.
Click to expand...

Whats your opinion on this? I was looking at something similar as well, (cohesiveft.com/).
 
I've setup a VPN with Amazon AWS natively before to one of my Cisco routers (GRE tunnels, BGP and the works). Are you sure there is no VPN service available?
 
I'm not familiar with cohesiveft.com.

Regarding Vyatta and Amazon this might be useful for you.
 
Valnar said:
I've setup a VPN with Amazon AWS natively before to one of my Cisco routers (GRE tunnels, BGP and the works). Are you sure there is no VPN service available?
Click to expand...

Right thats VPC. Lets you partition off a private/public subnet for your instances. It really works best with BGP. They just added static routing but it seems that its still really shaky. Our client uses a Cisco ASA which does not offer BGP.
 
infect0 said:
Right thats VPC. Lets you partition off a private/public subnet for your instances. It really works best with BGP. They just added static routing but it seems that its still really shaky. Our client uses a Cisco ASA which does not offer BGP.
Click to expand...

Tell your client to sell the ASA and setup free Vyatta Core either as a virtual machine or on an Intel Atom server. Better yet if you're not in a hurry wait till end of November and sell the ASA for an Ubiquiti Edge Router Lite. It's based off of Vyatta and comes in a neat package with an awesome GUI all for $99 :D
 
joshu said:
Tell your client to sell the ASA and setup free Vyatta Core either as a virtual machine or on an Intel Atom server. Better yet if you're not in a hurry wait till end of November and sell the ASA for an Ubiquiti Edge Router Lite :D
Click to expand...

Hah I wish. I might have confused it a big. THey are a huge corporation, we are trying to implement a vpn connection between our servers and they 100% run cisco and in this case cisco asa. No getting around it. Our trouble has been finding the most efficient solution to create the tunnel since we are 100% run on amazon.
 
joshu said:
Tell your client to sell the ASA and setup free Vyatta Core either as a virtual machine or on an Intel Atom server. Better yet if you're not in a hurry wait till end of November and sell the ASA for an Ubiquiti Edge Router Lite. It's based off of Vyatta and comes in a neat package with an awesome GUI all for $99 :D
Click to expand...

Sorry, but why would anyone do that? If you afford a Cisco ASA, the support is miles better. Big companies don't like to play games with their infrastructure.
 
Haha :D

Unfortunately I don't have any experience with Amazon's cloud except for S3 and I'm definitely not a networking expert. I'm afraid that apart from integrating Vyatta into your network for the purpose of tunnelling to your AWS servers (solution I linked), I don't have any ideas :(
 
Valnar said:
Sorry, but why would anyone do that? If you afford a Cisco ASA, the support is miles better. Big companies don't like to play games with their infrastructure.
Click to expand...

Well as I mentioned in my post above I'm not a networking specialist and I wasn't aware that the OP's company was a big one until a few moments ago.

Anyway, I'm not interested in going into a Cisco vs other battle as I'm sure everyone has their own reasons/ needs for picking one or other ;)
 
You must log in or register to reply here.
Back
Top