
I recently started at a company with no IT infrastructure and have been tasked with getting the network set up. I do not have a lot of networking experience and have been doing research in trying to connect our sites via VPN tunnel. We have 3 sites, 2 of which already have a tunnel between them, and that was set up by a 3rd-party IT support company. Currently they are using WatchGuard Fireboxes as the router in the 2 locations that have the tunnel between them. Will I need to purchase another Firebox, or can a VPN tunnel be configured from any router? Will the site that I am trying to connect to need to purchase a static IP address like the other 2 sites have, or what is the best route of trying to get that set up?

Another concern that I have is that the site I am trying to set up is using the 192.168.1.x subnet but the first site where I work out of is already on that subnet. Can I just change the subnet of the router or what needs to be done to change that site to 192.168.2.x? Networking is a completely new field for me so I appreciate any and all help.

1 Answer


> Will I need to purchase another Firebox, or can a VPN tunnel be configured from any router?

Assuming that the Firebox VPN is using IPsec, you should be able to connect with any router/firewall that supports IPsec. That said, for a non-technical person like yourself, integration is typically much more simple if you stay with one vendor.

> Will the site that I am trying to connect to need to purchase a static IP address like the other 2 sites have, or what is the best route of trying to get that set up?

Yes, if you want any amount of reliability. Dynamic IPs can work with IPsec, but it gets messy really fast.

> Can I just change the subnet of the router or what needs to be done to change that site to 192.168.2.x?

Yes, you will need to renumber one of the sites if you want to be able to route traffic between them. How involved or painful this change will be greatly depends on how the systems at the affected site are configured. It could be really simple if a majority of the devices are using DHCP, and you use DNS for everything that's statically-assigned. In this case, just make the change, re-address the few hosts that are statically-assigned and update their DNS records.

It could be, though, that things are much more complex than this. We can't know that without many more details on your setup.

This project isn't completely out of reach for a newbie, but there are many ways you could shoot yourself in the foot and cause downtime, so consider enlisting the help of a network consultant to help you along.

EEAA
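
An added example, not part of the question or the answer above: a pre-change check that lists which site LANs overlap (overlapping prefixes cannot be routed across the tunnel) and builds an old-to-new address plan for the statically assigned hosts at the site being renumbered. The site names, the second site's prefix and the static host list are constructed sample values.

```python
import ipaddress
from itertools import combinations

# Constructed sample data: site names and static hosts are hypothetical.
SITES = {
    "site-a": "192.168.1.0/24",   # first site (per the question)
    "site-b": "192.168.10.0/24",  # assumed value for the second tunneled site
    "site-c": "192.168.1.0/24",   # new site, collides with site-a
}
STATIC_HOSTS_SITE_C = {"printer": "192.168.1.20", "nas": "192.168.1.50"}


def find_overlaps(sites):
    """Return sorted pairs of site names whose LAN prefixes overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    return sorted(
        (a, b) for a, b in combinations(sorted(nets), 2)
        if nets[a].overlaps(nets[b])
    )


def renumber_plan(hosts, old_cidr, new_cidr):
    """Map each static host to the same host offset inside the new prefix."""
    old, new = ipaddress.ip_network(old_cidr), ipaddress.ip_network(new_cidr)
    if old.prefixlen != new.prefixlen:
        raise ValueError("old and new prefixes must be the same size")
    plan = {}
    for name, addr in hosts.items():
        ip = ipaddress.ip_address(addr)
        if ip not in old:
            raise ValueError(f"{name} ({addr}) is not inside {old}")
        offset = int(ip) - int(old.network_address)
        plan[name] = str(new.network_address + offset)
    return plan


def check_after_change(sites, site, new_cidr):
    """Overlaps that would remain if `site` moved to `new_cidr`."""
    return find_overlaps({**sites, site: new_cidr})


if __name__ == "__main__":
    print("overlaps now:", find_overlaps(SITES))
    print("overlaps after:", check_after_change(SITES, "site-c", "192.168.2.0/24"))
    print("plan:", renumber_plan(STATIC_HOSTS_SITE_C, "192.168.1.0/24", "192.168.2.0/24"))
```

The plan output doubles as the list of DNS records to update once the static hosts have been re-addressed.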