Tech Janitor Inherits mess, Send help?

[johneyiron]

Hello All, I very recently got a job as the IT guy for a smallish company, they recently needed to expand into a second building in the complex, and now their satellite office is connected to the primary office's network via a chain of ethernet cables and switches, which at one point exits and spans a field.

I am looking to use the fiber internet line from the satellite office to build a site-to-site vpn with openVPN,

I am at a bit of a loss however, the boss wants to use the fiber, doesn't want to be strung out across the field, however I am trying to go for reliability and cost effective-ness. at the moment the best solution to this mess is either:

-Ubiquiti UDM pro and AP in the primary office, Edgerouter and ubiquiti AP in the satellite.
-Ubiquiti Edgerouters on both ends and some other APs.

I believe I understand how to configure the openVPN but I am struggling to find the best configuration of hardware to restore order to the mess I have found came with the job.

TIA.

[tkitch]

If you have 2 fiber connections (One in each building) you should be able to configure a proper VPN Tunnel between the two firewalls.

[johneyiron]

Would you mind elaborating on how you would recommend doing so? I have been doing a lot of reading, but there are many solutions and i dont know which is best.

[Falcon1986]

3 hours ago, johneyiron said:

I am struggling to find the best configuration of hardware to restore order to the mess I have found came with the job.

If both sites have a UDM-Pro, you can establish a site-to-site VPN quite easily.

[eece_ret]

Ubiquiti IPSEC performance sucks and effects traffic forwarding.    So large network flows across the VPN can (and will) effect the users internet experience at each site (it will slow down and you will probably get complaints).