Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1997
Views
15
Helpful
7
Replies

Best way to connect two small office locations

Go to solution
Wolfi
Level 1
Level 1

‎01-10-2018 12:22 PM - edited ‎03-08-2019 01:22 PM

Hi Guys,

 

I would like to connect two small office locations (A and B) with 5-5 users and I would like to set up some kind of VPN solution between these sites. Is it possible these sites to have separate internet access? So I wouldn't like e.g. tunneling A's internet traffic to B, then to internet.

I just want to reach A's resources from B and vica versa, but internet breakouts should be on A and B site also.

What kind of hardware and technology do you recommend to build that topology?

I think about IPSec over GRE, but I don't know which hardware is suitable for this small business.

 

Thank you so much your opinion in advance!

 

topology.jpg

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
doodles6970
Level 1
Level 1
In response to Wolfi

‎01-10-2018 02:00 PM

I would always suggest go with what ever makes your life easier. In my opinion I would always go with something that’s a bit more future proof, something like the 800 Or a ISR 1000. I think having DMVPN would make your life a lot easier. Plus if you ever get any remote sites / home workers you would have the Infrastructure to support it already.
Ryan

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎01-10-2018 12:37 PM

Much of Cisco's small ISRs would support both Internet access and a VPN tunnel between sites.

Which device to chose would much depends on how much bandwidth you have to the Internet.

You can share one link (per site) for both VPN and Internet, although your VPN can be setup to provide more predictable performance if you have separate VPN and Internet links at each site.

On the low bandwidth end, Cisco's 800 series could do both functions.

Go to solution
Karsten Iwen
VIP
VIP

‎01-10-2018 01:14 PM

I would take two Cisco Meraki MX64 into consideration. 

0 Helpful

Go to solution
Wolfi
Level 1
Level 1
In response to Karsten Iwen

‎01-10-2018 01:44 PM

Thanks, I will definitely consider Meraki in the future, but now I don't need it, sorry.
0 Helpful

Go to solution
doodles6970
Level 1
Level 1

‎01-10-2018 01:14 PM

You could use DMVPN.
Depending on your router hardware I would certainly recommend this solution. It’s easy to setup and easy to maintain and you can apply IPSEC to the tunnels

Go to solution
Wolfi
Level 1
Level 1
In response to doodles6970

‎01-10-2018 01:37 PM

Thanks for your replies!

There is only one internet connection on both sites, so local internet breakout and VPN have to use the same WAN interface. Site A has 10/10 Mbps and B has 30/30 Mbps internet connection.

 

I though that Cisco RV042G could do the necessary functions (NAT, IPsec site-to-site tunnel, some QoS). It doesn't have DMVPN, but cheaper than 800 series.

What's your opinion?

0 Helpful

Go to solution
doodles6970
Level 1
Level 1
In response to Wolfi

‎01-10-2018 02:00 PM

I would always suggest go with what ever makes your life easier. In my opinion I would always go with something that’s a bit more future proof, something like the 800 Or a ISR 1000. I think having DMVPN would make your life a lot easier. Plus if you ever get any remote sites / home workers you would have the Infrastructure to support it already.
Ryan
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card