0

I currently have a customer who has two offices in separate cities. Each location has a Watchguard. They need a backup solution so we proposed a NAS to backup both servers to. The issue is the NAS will be onsite at one of the offices. I am trying to figure out the best way to get the other server to backup to the NAS. My first though is setting up a site-to-site VPN which I believe is a BOVPN. After reading through documentation, I am worried it's too much. I don't want users to really communicate between the offices, I just want the server to have that tunnel to the NAS. Is a BOVPN the only way since they need to be on the same "LAN" in order to backup? If so, is there any danger is connecting both sites since they will now be able to see eachother? Thanks.

MindExplosion
  • 11
  • 1
  • 6
  • What do you mean by "they need to be on the same LAN in order to backup"? – DerfK Sep 22 '16 at 17:45
  • With the NovaStor backup software license I have it can only backup to local devices. The point of the VPN was to make it seem like the NAS is on the same LAN so it can communicate. I may be understanding this wrong which is why im asking. With a BOVPN, cant the server interact with the NAS in the other city as if they're in the same building?? – MindExplosion Sep 22 '16 at 18:36
  • Most likely, it's time to consider either a new backup software or upgraded license. I don't know enough about Watchguard's capabilities to know if it can bridge two locations into a single network like that, but what their website calls [Bridge Mode](http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/networksetup/net_config_bridgemode_c.html) doesn't seem to be what I'm thinking of. – DerfK Sep 22 '16 at 22:04
  • I can't speak to the actual question, but you are able to limit traffic over a BOVPN tunnel using the Policy Manager. When you create a tunnel it will create a pair of firewall policies that allow traffic across it. You can modify the default ones, or disable/delete them and create your own using the tunnel alias it will create for you. Keep in mind that the "Any" alias will also include tunnel destinations. – learley Sep 29 '16 at 22:31

1 Answers1

1

A BOVPN worked beautifully and it is the same case regardless of what software you use to backup. The only downside is that if you're running the backup over the VPN directly, it could fail if there is any packet loss. To bypass this, however, I set the backup to a local drive first, then wrote a script for Robocopy to transfer the backup folder to my NAS in another city.

MindExplosion
  • 11
  • 1
  • 6