Some Product Questions regarding site to site VPNs

Just started a new job, here’s the situation:

Remote office is connected to the main office via point to point T1, split half for WAN half for internet. Main office has 2 bonded T1’s, half a T is for the WAN and the rest is for internet/future growth. Data transfer between sites is painfully slow, users are accessing large files and graphic intensive apps from either end. In addition, we have techs both internationally and locally connecting via Cisco IPsec VPN to our ASA located at main office. In the near future we plan on adding one or two more remote offices and I know this will stress the main office’s bandwidth even more, not to mention how slow it already is for my remote users currently.

My questions are these:

  1. If I get a few cable/dsl connections (I have been leaning towards cable due to their higher upload speeds, I can get 10mb up per device) would I effectively obtain a 20mb site to site vpn if I put 2 in at either end?

  2. If I wanted to connect another remote office (site to site vpn) would I then have to add 2 more for a total of 4 at the main office to keep the same theoretical 20mb pipe for each site to site vpn?

  2.5. If I am using both my cable modems for site to site vpn, how do my users access the internet?

  3. Do any of you Peplink reps have any recommendations on how I should/could set this up?

  4. Do any of my fellow users have any real world experiences that they would like to comment on?

I have been looking at 10mb Metro-E from my local bell but the price is quite high for very little bandwidth and I would lack the mobility to move quickly (90 day turnaround times are unacceptable plus I have a strong dislike for the monolithic bell powers) :slight_smile:

Thanks In Advance and all comments are welcome :slight_smile:

–Johnny

No comments? :frowning: :frowning: :frowning:

Did I post this in the wrong forum?

Hi Johnny,

  1. Yes you would (although S2S has about a 5% overhead so it would be a little less).

  2. Yes you would - if you have high bandwidth saturation on both lines, but if both sites were averaging 10Mb then your 20Mb aggregated connection at the first site would cope.

  2.5. Your choice, you can set routes up to either funnel all Internet connectivity back through head office (so you could take advantage of a web cache/proxy if you wanted) or you can configure remote sites so they punch out directly to the internet.

  3. I’m not a Peplink Rep - just a user but I see nothing wrong with what you’re suggesting here.

  4. Let me tell you what we have configured:

    Bandwidth
    Head office with a 10Mb leased line, a 50Mb leased line and 4 30Mb/1.5Mb DSLs
    37 Remote Sites with a minimum of 2 DSLs (ranging from 20/2 to 8/0.7Mb)

    Routers
    2 x 1350 Balance in an active passive Cluster at head office providing the link aggregation, inbound load balancing and perimeter security
    20 x 210 Balance Routers at the Remote Sites
    15 x 310 Balance Routers at the sites that need more bandwidth
    2 x 580 Balance (for the sites with 4 or more connections)

The 1350 Cluster is a little overkill for us at the moment - we could have used a pair of 710s but I wanted extra WAN ports in case we needed them.

What I love most about this configuration is the auto failover on the Cluster at head office and the auto failover within the link aggregation. We run Citrix, Print and VoIP over this infrastructure and when a DSL line fails you simply can’t tell; voice calls continue with just a little click audible and data session integrity is held.

The Peplink Balance boxes are very very clever.