1

I would like to extend my LAN to another site. I have people who work on both sites and I want it to be as if they are in the same LAN, regardless of where they are.

I have servers on both sites and they should not be aware that they are separated by the internet.

So What I want is to have a "virtual network cable" that connects my 2 sites.

Any suggestions?

Please keep in mind that it has to be as if I have a real network cable connecting the switch of site 1 with the switch of site 2!

Thanks in advance!

Johan

Johan Claes
  • 65
  • 2
  • 10

2 Answers2

2

Literally a "virtual network cable" would be a VPN in TAP mode, simulating link layer (L2), both end having the same subnet. However, things will work as required even if you have different subnets on every site i.e. use VPN in TUNneled mode, simulating network layer (L3). Actually the TUN mode has advantages: for example Windows domain is site-aware and can refer to the nearest domain controller, causing less network traffic between the sites.

If you don't want to setup everything from scratch, which is not a good idea if you don't have much knowledge on VPN technology, you may want to have routers/firewalls that have easy out-of-box wizard based site-to-site VPN setup.

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
  • We have Sophos UTM9 on both sides, but all I can find is examples with 2 different ip subnets. I would like to have just one, so all servers and clients are in the same address range etc. Is that possible with our setup? – Johan Claes Aug 30 '17 at 12:15
  • With Sophos UTM9 it's by design that you should have different subnets. However, that shouldn't be a problem in your use case. It's completely normal to have routing between the sites and they are still in the same private network. – Esa Jokinen Aug 30 '17 at 12:34
  • 1
    Thank you for your answer. We went with 2 different ip subnets, changed the IP's of the servers and it all works great. I expected problems after changing the IP addresses but there weren't any. – Johan Claes Sep 20 '17 at 09:36
0

As you don't specify the operating system or others needs I would confirm that you need a VPN. You could check out the OpenVPN software.

OpenVPN is a full-featured SSL VPN which implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or username/password credentials, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN is not a web application proxy and does not operate through a web browser.

Federico Galli
  • 918
  • 6
  • 16