Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
JCBiggs

VPN for business. 100% uptime ??? Internet?

Recommended Posts

Posted · Original PosterOP

Hey guys  loaded little post here but Im trying to come up with a workable solution for my company,

 

We bought a new facility for distribution.  With our current MRP software, there is really no good option for a second physical location. Its either buy new MRP (not happening) or do data entry over the phone and by hand (not happening) So, we are going to attempt to make it work like its just another local office, using VPN.   I am curious if any of you have experience with VPNs for 100% on-time business networks, specifically in regards to how stable they are, and if I can expect the sites to stay connected 100% of the time, excluding situations like power outages.   This is important as any interruption in the network would essentially stop work on each end. (massive $ loss in just a couple hours)    Also, VPN would have priority over all other traffic, but what kind of latency and speed reduction do you think we can expect with gigabit?  (or is this more of a hardware selection issue)

 

2 more questions regarding traffic. 

In addition to the manufacturing database, (which is really small bandwidth usage) we are also going to be send security camera streams. H265. probably 100-150mbps continuously on a gigbit connection.  Im wondering if this is really a good idea, or if i should just build another server. (our current server is very underutilized)  I much prefer having the data over here in our climate controlled Server Room.  

 

Lastly; For other "normal" internet traffic.. google, youtube, etc.  is it possible to segregate that traffic and NOT send it over vpn?   I'm thinking of just putting in WIFI access points that are NOT on the VPN.   All computer's Ethernet connections would be locked into the vpn, but the WIFI dongles would be able to reach the internet. I'm thinking this should be doable with the localhost config file, but i'm wondering if there is a better way.   I just dont see a point in routing regular internet traffic through the primary location.  

 

fyi, the two buildings are physically less than 2 miles apart and are serviced by the Same locally  based ISP.

Link to post
Share on other sites

What you are looking for is "point to point" (P2P) or "site to site" vpn.

Unfortunately this about as far i can go to help you... sorry. Networking is not my strong point. Ill tag another member that can help.

 

@leadeater

@Lurick

 

Also...

-= Moved to Networking =-


Tech News Posting Guidelines - READ BEFORE POSTING | Community Standards | Forum Staff

LTT Folding Users Tips, Tricks and FAQ | F@H Contribution | My Rig | Project Steamroller

 

Spoiler

 †  

 

Character is like a Tree and Reputation like its Shadow. The Shadow is what we think of it; The Tree is the Real thing.  ~ Abraham Lincoln

You have enemies? Good. That means you've stood up for something, sometime in your life.  ~ Winston Churchill

Docendo discimus - "the best way to learn is to teach" ~ Benjamin Jantz

 

I am a StarCitizen are you? My ships: Aegis Eclipse, Aegis Sabre, Aegis Gladius, Aopoa Nox, KI P52 Merlin, KI P72 Archimedes and the RSI Constellation Aquila.

 

My Phones are a Nokia Lumia 925 with WM10 and a Microsoft Lumia 950 XL with WM10 running the Fast Ring insider updates. Broke :(

Samsung Note 9 and a Samsung S9+

 

About Myself:   https://linustechtips.com/main/profile/229093-sansvarnic/?tab=field_core_pfield_46

 

 CHRISTIAN MEMBER 

 

 

Link to post
Share on other sites
3 hours ago, JCBiggs said:

Hey guys  loaded little post here but Im trying to come up with a workable solution for my company,

 

We bought a new facility for distribution.  With our current MRP software, there is really no good option for a second physical location. Its either buy new MRP (not happening) or do data entry over the phone and by hand (not happening) So, we are going to attempt to make it work like its just another local office, using VPN.   I am curious if any of you have experience with VPNs for 100% on-time business networks, specifically in regards to how stable they are, and if I can expect the sites to stay connected 100% of the time, excluding situations like power outages.   This is important as any interruption in the network would essentially stop work on each end. (massive $ loss in just a couple hours)    Also, VPN would have priority over all other traffic, but what kind of latency and speed reduction do you think we can expect with gigabit?  (or is this more of a hardware selection issue)

 

2 more questions regarding traffic. 

In addition to the manufacturing database, (which is really small bandwidth usage) we are also going to be send security camera streams. H265. probably 100-150mbps continuously on a gigbit connection.  Im wondering if this is really a good idea, or if i should just build another server. (our current server is very underutilized)  I much prefer having the data over here in our climate controlled Server Room.  

 

Lastly; For other "normal" internet traffic.. google, youtube, etc.  is it possible to segregate that traffic and NOT send it over vpn?   I'm thinking of just putting in WIFI access points that are NOT on the VPN.   All computer's Ethernet connections would be locked into the vpn, but the WIFI dongles would be able to reach the internet. I'm thinking this should be doable with the localhost config file, but i'm wondering if there is a better way.   I just dont see a point in routing regular internet traffic through the primary location.  

 

fyi, the two buildings are physically less than 2 miles apart and are serviced by the Same locally  based ISP.

First of all I think your confused about VPN's. All a VPN is, is a secure connection between two points. So what many home users do is pay a VPN service so they have a secure tunnel from their home to the VPN services server. NOW in the business world you use VPN's to connect two sites, or people who work from home and need access to company resources. The point is, in a business situation your NOT using a VPN service. You will have your own servers and pretty much have complete control over the VPN. 

 

How stable it is, depends on the internet connection on each end. Now how to set this up is beyond me, Im sure there are people here or resources online you can consult. 


You ever notice that many establishments have a sign that as "No Shirt, No Shoes, No service"? They never say anything about pants............ You know what that implies. You dont have to wear pants. 

Link to post
Share on other sites
7 hours ago, JCBiggs said:

Lastly; For other "normal" internet traffic.. google, youtube, etc.  is it possible to segregate that traffic and NOT send it over vpn?   

Yes, the Site to Site VPN will only route traffic through it that matched the remote subnet list/route table. All other traffic will not go through the VPN.

 

7 hours ago, JCBiggs said:

We bought a new facility for distribution.  With our current MRP software, there is really no good option for a second physical location. Its either buy new MRP (not happening) or do data entry over the phone and by hand (not happening) So, we are going to attempt to make it work like its just another local office, using VPN.   I am curious if any of you have experience with VPNs for 100% on-time business networks, specifically in regards to how stable they are, and if I can expect the sites to stay connected 100% of the time, excluding situations like power outages.   This is important as any interruption in the network would essentially stop work on each end. (massive $ loss in just a couple hours)    Also, VPN would have priority over all other traffic, but what kind of latency and speed reduction do you think we can expect with gigabit?  (or is this more of a hardware selection issue)

 

7 hours ago, JCBiggs said:

fyi, the two buildings are physically less than 2 miles apart and are serviced by the Same locally  based ISP.

You can either setup your own Site to Site VPN between your firewalls or pay for a service from your ISP. Due to the short distance you should be able to get a service like a Private VLAN between the buildings or a Virtual Wire Pair and treat it as a long distance direct LAN connection. These types of services are more expensive but offer better latency and throughput as well as potentially better up times due to the SLAs on them, which is in part why the cost more.

Link to post
Share on other sites
Posted · Original PosterOP

I think we are just going to go with a hardware option and replace our firewalls with USG', and use the built in P2P vpn option. I dont really understand how to segregate the traffic however, and i think im just going to let the IT company handle that. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×