i need help for my networking project

ennyvramism · Post by **ennyvramism** » Sat Apr 12, 2008 12:19 am

we got a project.. that is to make a WAN.. so we decided to make a 2 LAN (in different places) that have a connection to each other.. lets say a computer shop w/ a 2 different isp provider.. my problem is how will the 2 comp. shop be connected.. lets say they have servers. and what networking devices is needed.. ur answers will be greatly appreciated.. thanx!!

Post by **YeOldeStonecat** » Sat Apr 12, 2008 8:20 am

A router at each location that supports "router to router VPN tunnels".

1x network with an IP range of say..192.168.0.xxx.
The network at the second location with an IP range of say..192.168.2.xxx.

With each router..build an IPSec VPN tunnel between the locations. Depending on what routers you use for the VPN tunnels..most can support doing it via dns aliases..so technically you can do it with dynamic IP accounts at each end..but it's not very reliable..it's best with at least 1x of the locations having a static IP address from the ISP.

ennyvramism · Post by **ennyvramism** » Sat Apr 12, 2008 11:39 am

actually im not familiar with vpn.. i just need to explain how the 2 lans connect.. for example (i use a program that needs to input the ip of the other router).. like that.. i hope u can answer my question in the simpliest way u can.. thanx!!

Post by **YeOldeStonecat** » Sat Apr 12, 2008 12:17 pm

It's how you would connect 2x LANs in separate locations....for example....a network in one state...with a companies branch office in another state..or in another country. We use VPN tunnels to create a wide area network (WAN)

ennyvramism · Post by **ennyvramism** » Sat Apr 12, 2008 12:40 pm

i searched the internet for vpn routers.. i found 1 w/ configuration of the vpn router.. now all i need to know is if my shop has vpn router, will the 2nd shop need vpn router too? im guessing that if the vpn router is only placed at the first shop, only the second shop can get access to the first shop? or will the 1st shop that has vpn router can get access to the 2nd shop that has normal router as well? guide me!!

Post by **YeOldeStonecat** » Sat Apr 12, 2008 2:42 pm

Each location must have a router capable of "router to router VPN tunnels". Yes you can mix brands/makes/models..as long as the type of VPN they support is the same...IE IPSec, OpenVPN, etc....but for best results...I prefer to setup WANs using identicle make/models.

ennyvramism · Post by **ennyvramism** » Sat Apr 12, 2008 10:10 pm

:eek

k.. lets say we have the same model of vpn routers. can u give me a guide on how to config the said 2 routers? how to config the 1st router and how to config the 2nd router for them to meet. its my 1st time to encounter this things and i'd appreciate you guys explaining it to me

but i need to defend this in class 2 days from now..

so please help me! thanks!

what i really need is on how these two routers meet even from 2 different places.

, and also the configs of these two on how they were interconnected. will really appreciate assitance on this one!

thanks in advance.

Post by **YeOldeStonecat** » Sun Apr 13, 2008 7:47 am

ennyvramism wrote::eek k.. lets say we have the same model of vpn routers. can u give me a guide on how to config the said 2 routers? how to config the 1st router and how to config the 2nd router for them to meet.

That depends on the router...in the instruction manuals for them..there will be sections on this, also commonly there are "guides" on the support section of their website.

ennyvramism · Post by **ennyvramism** » Sun Apr 13, 2008 10:56 pm

ok.. i saw the guide.. as far as i understand it.. ill config a vpn router at the
1st shop.. then the second shop will use a IPSsec Client Software (ex. SSH Sentinel) so the workstation at the 2nd shop can connect to the tunnel of the first shop.. so will i do it vice versa so the first shop can connect to the 2nd shop? one more question.. can the 2 shops connect to each other in terms of gaming?? or just sharing files? thanx!!

Post by **YeOldeStonecat** » Mon Apr 14, 2008 6:17 am

Mixing it 1/2way will work for 1x workstation at the satellite office. This is more commonly done with the router doing it at the satellite office..that way all workstations at the satellite can connect to the main office. When you have it done through hardware..there's better performance also.

Err...technically the shop can connect for LAN gaming..depending on the game I suppose.

ennyvramism · Post by **ennyvramism** » Tue Apr 15, 2008 12:05 am

ok lets say ill do it vpn router to router.. ill put the same information in both routers.. my question is how similar the information will be.. ill be putting the vpn router setting.. please tell me what will i put in both router's setting.. its best if u put ip addresses as example in both router settings. so i can understand it clearly.. thanx!!

this tunnel:enable or disable

tunnel name:

local secure group: subnet ip:xxx.xxx.xxx.x
mask:255.255.255.x

Remote secure group: Any<--this Gateway accepts request from any ip address.

Remote security gateway:Any<--this Gateway accepts request from any ip address.

Encryption: *DES *3DES *disable (3des)

Authentication: *MD5 *SHA *disable (MD5)

Key Management: Auto.(IKE)

PFS(perfect forward secrecy) checked

Pre-shared Key: xxxxxxxxxxx

Key lifetime: 3600 Sec.

ErikD · Post by **ErikD** » Tue Apr 15, 2008 6:41 pm

Did you read the instructions for whatever model of routers you will be using? They are usually pretty helpful in explaining what to put in the boxes.

General:

Local subnet = subnet that router is on
Remote subnet = subnet the other network uses (these MUST be different)
Remote gateway = WAN IP of other router

Why allow from any IP? You know the IP of the router on either end if using static IPs. Set to only allow that IP.