Solved: Remote Office connections

Pearlyshells · ‎07-24-2011

We are opening a remote office about 20miles away. It will have about 15 employees who need access to the internet and also a secured connection back to the headquarters. We want the remote office to have its own internet connection and not share ours at the headquarters. The boss is not a fan of MPLS and has stated that he wants a solution that does not involve MPLS.

This kinda limits our options. I've been told that we can obtain a Cisco router for the new location and have two separate T-1 lines. One would go directly to the internet and the other would be a direct connection to the headquarters using a singletwo port WIC interface.

Another option is to have a single T-1 and use VPN to connect through the internet to the headquarters....but, I am reluctant to go this route because the remote employees would experience VPN latency, would they not?

Are there any other better solutions?

Latchum Naidu · ‎07-25-2011

Hi Cal,

Added Rick...

You can take a seperate internet connection to remote office and can use this same like for local internet access and for vpn tunnel to your headquarters as well.

You need to make sure how much bandwidth you need, this can be decide based on the number of users at remote site and what applications they need to access... Say like if they want SAP access then you need to think for at least 4 MB bandwidth internet link size.

Please rate the helpfull posts.
Regards,
Naidu.

View solution in original post

Joseph W. Doherty · ‎07-25-2011

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

If you share a single Internet connection for both VPN and general Internet, you lose control over managing the VPN bandwidth. When VPN has a dedicated connection, I've found you can also shape both sides for the other side's bandwidth and implement QoS similar to what you might implement for a leased line. Resulting performance rivals similar bandwidth for a dedicated leased line.

View solution in original post

Richard Burts · ‎07-24-2011

Cal

You have pretty well summarized your options:

1) some shared service like MPLS

2) one link dedicated to HQ and another link for Internet

3) one link for Internet and VPN to HQ

If you were to get some Internet connection with VPN that used an Ethernet handoff you might get more bandwidth and better response time than you would with T1.

HTH

Rick

Sent from Cisco Technical Support iPhone App

HTH

Rick

Latchum Naidu · ‎07-25-2011

Hi Cal,

Added Rick...

You can take a seperate internet connection to remote office and can use this same like for local internet access and for vpn tunnel to your headquarters as well.

You need to make sure how much bandwidth you need, this can be decide based on the number of users at remote site and what applications they need to access... Say like if they want SAP access then you need to think for at least 4 MB bandwidth internet link size.

Please rate the helpfull posts.
Regards,
Naidu.

Pearlyshells · ‎07-25-2011

many thanks.

Pearlyshells · ‎07-25-2011

Appreciate the quick responses. Since an MLS solution is out of the question for my boss, I'm leaning toward a single T-1 with VPN and setting up a Windows server at the remote site so that the employees can authenticate and save their files on the local server AND setting up DFS shares/replication. Note: I'm not a fan of DFS but I don't see another viable alternative if I want to keep secure files and not have to deal with employee complaints about VPN latency.

Joseph W. Doherty · ‎07-25-2011

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

If you share a single Internet connection for both VPN and general Internet, you lose control over managing the VPN bandwidth. When VPN has a dedicated connection, I've found you can also shape both sides for the other side's bandwidth and implement QoS similar to what you might implement for a leased line. Resulting performance rivals similar bandwidth for a dedicated leased line.

mvsheik123 · ‎07-27-2011

Hi,

You already got best possible solutions from experts, here are my 2 cents..

Based on your location & availability from provider you can go with a P2P dedicated Ethernet link to your HQ (This

might save your hardware costs, line cost and flexibility to grow in future). You can increase BW from T1 as well

but Ethernet would be my option, if available.

Interenet you can use as backup (VPN) incase P2P link fails.

Thx

MS