VPN primer

[u2slow]

I trying some site-to-site connectivity (both locations have broadband). What does VPN bring to this situation? Can the tedious management of NAT, portforwarding, and virtual server entries be reduced somewhat? (between sites)

Ideally, I would like the 2 sites to appear as a single subnet (i.e. 192.168.0.x) with 2 broadband connection.

 

[YeOldeStonecat]

I take the approach of doing a "site to site VPN over broadband"..by using hardware. Specifically....routers that support VPN connections between themselves.

Such as Sonicwalls, Cisco PIX, or my current favorite for about the last 2 years...Linksys/Cisco RV0 series routers.

Yes it pretty much eliminates the necessity of opening/forwarding ports.

The connected networks will appear to be on the same network...you can browse them in network places. However..you can't have them all on the IP range...each network needs to be different. Main office..192.168.10.xxx, satellite office..192.168.2.xxx, second satellite office 192.168.3.xxx, etc.

I generally try to stay away from the common 192.168.1.xxx and 192.168.0.xxx because many home users are on those..with home routers. Pain in the butt to go changing all those home users routers.

Your ability to browse/access networks shares sort of depends on your network setup.....IE name resolution, etc. You'll be better off doing it using internal DNS. However on peer to peer...the old hosts files will do. However...doing things through IP if no DNS available is easier.

The speed of your VPN connection is a function of the upload that each site has...basically remember..a chain is only as strong as its weakest link.

Generally preferred to have a full business grade static IP connection at each site. For one..higher uptime, for two...generally a higher upload availability. And thirdly...things are easier with static IPs at each site...although with lots of VPN hardware, you can do site to sites with dynamic DNS services.