Keyboard Shortcuts
Thread View
j: Next unread messagek: Previous unread messagej a: Jump to all threadsj l: Jump to MailingList overview
[pacnog] DSL Connecting branch office to Main Office
Dear Colleagues,
I want to seek for ideas on how to make a connection fast and secure to remote access our branch office and able to share files with this computer. The setting goes like this remote computer connect to DSL modem to ISP to DSL Modem at our main office and get its ip address from our branch office.
PC--->DSL--->ISP---->DSL---Router---Switch---File Server
Do I need to set up a secure PPPOE connection for this? Or Use a router feature to set up a VPN connection? This router has VLAN feature so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not.
I haven't tried this but these are all my ideas and if you guys know which would be best then I would highly appreciate your comments.
Cheers
Hi Tarau, I am not sure where VLAN fit into your scenario as this is meant to segment broadcast in a LAN. Depending on how you are connected to your ISP you certainly need PPPOE if this is the WAN protocol in use. You can setup two types of VPN here depending on the capability of your router. If you setup site to site which is configurable on router using IPSEC. Alternatively you can setup PPTP on file server and set up client to dial in to your server and to establish your VPN. This is doable on most Window server versions.
Etuate Cocker Casual Developer/Instructor/Network Engineer 10 Ngatira pl, Manurewa, Auckland. CCNA, CCNP, CCAI, CEH.
On Mon, Nov 18, 2013 at 9:11 PM, Tarau Bauia tbauia@gmail.com wrote:
Dear Colleagues,
I want to seek for ideas on how to make a connection fast and secure to remote access our branch office and able to share files with this computer. The setting goes like this remote computer connect to DSL modem to ISP to DSL Modem at our main office and get its ip address from our branch office.
PC--->DSL--->ISP---->DSL---Router---Switch---File Server
Do I need to set up a secure PPPOE connection for this? Or Use a router feature to set up a VPN connection? This router has VLAN feature so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not.
I haven't tried this but these are all my ideas and if you guys know which would be best then I would highly appreciate your comments.
Cheers
--
Tarau Bauia IT,PUB Betio Tarawa
PH:63792
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Hi Etuate,
The remote branch machine is a member of our LAN get its ip address from our local server so it doesn't through WAN. That why it confuses me because I don't know whether I need to create a PPPOE within our LAN or create a VLAN to make file sharing fast.
I can see this computer on the local network but accessing the files on our server from this remote computer is very slow when transfer a file.
Your help is highly appreciated and I will try your hint Etuate to test it and see how it goes and then let you know if it solves our problem.
Cheers
On 11/18/13, Etuate Cocker eduade.2001@gmail.com wrote:
Hi Tarau, I am not sure where VLAN fit into your scenario as this is meant to segment broadcast in a LAN. Depending on how you are connected to your ISP you certainly need PPPOE if this is the WAN protocol in use. You can setup two types of VPN here depending on the capability of your router. If you setup site to site which is configurable on router using IPSEC. Alternatively you can setup PPTP on file server and set up client to dial in to your server and to establish your VPN. This is doable on most Window server versions.
Etuate Cocker Casual Developer/Instructor/Network Engineer 10 Ngatira pl, Manurewa, Auckland. CCNA, CCNP, CCAI, CEH.
On Mon, Nov 18, 2013 at 9:11 PM, Tarau Bauia tbauia@gmail.com wrote:
Dear Colleagues,
I want to seek for ideas on how to make a connection fast and secure to remote access our branch office and able to share files with this computer. The setting goes like this remote computer connect to DSL modem to ISP to DSL Modem at our main office and get its ip address from our branch office.
PC--->DSL--->ISP---->DSL---Router---Switch---File Server
Do I need to set up a secure PPPOE connection for this? Or Use a router feature to set up a VPN connection? This router has VLAN feature so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not.
I haven't tried this but these are all my ideas and if you guys know which would be best then I would highly appreciate your comments.
Cheers
--
Tarau Bauia IT,PUB Betio Tarawa
PH:63792
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Hello Tarau,
I am a bit confused when you say that it's a part of your LAN and gets an IP address from your server? Is there a special arrangement with your ISP? Conventionally, I have seen contemporary DSL connections using PPPoA to connect to the Internet.
As Etuate correctly pointed out VLAN are layer 2 function to manage broadcast domains. More important VLAN should not be considered to provide security in the traditional sense. When you say "secure" connection, I am guessing you are specifically referring to confidentiality.
Again as Etuate correctly suggested, IPSec, L2TP, PPTP are all viable solutions, depending on the capabilities of the nodes involved. If all else fails, OpenVPN should also be considered. OpenVPN is also an open source VPN solution which provides an SSL based VPN connection, and can be easily setup between the PC and server (or the PC and your router, depending on the routers capabilities), and tweaked to your requirements.
Without knowing more detail of your setup and configuration it's unwise to comment on the performance of your file transfer, but I'll ask the obvious question anayway, have you checked routes, name resolution and firewall rules :) ?
Sincerely -- Kush, Nishchal kush@kush.com.fj
-----Original Message----- From: pacnog-bounces@pacnog.org [mailto:pacnog-bounces@pacnog.org] On Behalf Of Tarau Bauia Sent: Monday, 18 November 2013 6:44 PM To: Etuate Cocker Cc: pacnog Subject: Re: [pacnog] DSL Connecting branch office to Main Office
Hi Etuate,
The remote branch machine is a member of our LAN get its ip address from our local server so it doesn't through WAN. That why it confuses me because I don't know whether I need to create a PPPOE within our LAN or create a VLAN to make file sharing fast.
I can see this computer on the local network but accessing the files on our server from this remote computer is very slow when transfer a file.
Your help is highly appreciated and I will try your hint Etuate to test it and see how it goes and then let you know if it solves our problem.
Cheers
On 11/18/13, Etuate Cocker eduade.2001@gmail.com wrote:
Hi Tarau, I am not sure where VLAN fit into your scenario as this is meant to segment broadcast in a LAN. Depending on how you are connected to your ISP you certainly need PPPOE if this is the WAN protocol in use. You can setup two types of VPN here depending on the capability of your router. If you setup site to site which is configurable
on router using IPSEC.
Alternatively you can setup PPTP on file server and set up client to dial in to your server and to establish your VPN. This is doable on most Window server versions.
Etuate Cocker Casual Developer/Instructor/Network Engineer 10 Ngatira pl, Manurewa, Auckland. CCNA, CCNP, CCAI, CEH.
On Mon, Nov 18, 2013 at 9:11 PM, Tarau Bauia tbauia@gmail.com wrote:
Dear Colleagues,
I want to seek for ideas on how to make a connection fast and secure to remote access our branch office and able to share files with this computer. The setting goes like this remote computer connect to DSL modem to ISP to DSL Modem at our main office and get its ip address from our branch office.
PC--->DSL--->ISP---->DSL---Router---Switch---File Server
Do I need to set up a secure PPPOE connection for this? Or Use a router feature to set up a VPN connection? This router has VLAN feature so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not.
I haven't tried this but these are all my ideas and if you guys know which would be best then I would highly appreciate your comments.
Cheers
--
Tarau Bauia IT,PUB Betio Tarawa
PH:63792
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
-- ************************************************ Tarau Bauia IT,PUB Betio Tarawa
PH:63792 ************************************************ _______________________________________________ pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Thanks Kush,
It is a special arrangement with our ISP, Remote PC connected to dsl modem to ISP to dsl modem at our main office and that can either hook up to a switch or router but not to the WAN port but to the LAN port where it can obtain its IP address from our server.
PC Remote -------DSL Modem-----ISP-----DSL Modem----Switch
The above setting also work, or can be a computer where both has static ip addresses. I'm not really sure if this arrangement is secure that doesn't need any form of encryption like what you have explained and Etuate. Because I'm not connecting this DSL Modem directly to my server but its part of our LAN that why I'm thinking of VLAN if that can isolate the two ports and make more connection fast when transferring files.
When I copy a file from our file server to my remote computer from this remote computer, it always time out that why I'm trying to find a better solution beside hooking this Remote PC straight to our switch at the Main Office. If someone has used this kind of connection arranged by your ISP. I guess that ATM Machines use this kind of connection to get data from their main office, but I don't know whether they plainly transfer data through this line or maybe they have other form of encryption to secure this channel.
Ideas and comments is highly appreciate..
Thanks
On 11/19/13, Kush, Nishchal kush@kush.com.fj wrote:
Hello Tarau,
I am a bit confused when you say that it's a part of your LAN and gets an IP address from your server? Is there a special arrangement with your ISP? Conventionally, I have seen contemporary DSL connections using PPPoA to connect to the Internet.
As Etuate correctly pointed out VLAN are layer 2 function to manage broadcast domains. More important VLAN should not be considered to provide security in the traditional sense. When you say "secure" connection, I am guessing you are specifically referring to confidentiality.
Again as Etuate correctly suggested, IPSec, L2TP, PPTP are all viable solutions, depending on the capabilities of the nodes involved. If all else fails, OpenVPN should also be considered. OpenVPN is also an open source VPN solution which provides an SSL based VPN connection, and can be easily setup between the PC and server (or the PC and your router, depending on the routers capabilities), and tweaked to your requirements.
Without knowing more detail of your setup and configuration it's unwise to comment on the performance of your file transfer, but I'll ask the obvious question anayway, have you checked routes, name resolution and firewall rules :) ?
Sincerely
Kush, Nishchal kush@kush.com.fj
-----Original Message----- From: pacnog-bounces@pacnog.org [mailto:pacnog-bounces@pacnog.org] On Behalf Of Tarau Bauia Sent: Monday, 18 November 2013 6:44 PM To: Etuate Cocker Cc: pacnog Subject: Re: [pacnog] DSL Connecting branch office to Main Office
Hi Etuate,
The remote branch machine is a member of our LAN get its ip address from our local server so it doesn't through WAN. That why it confuses me because I don't know whether I need to create a PPPOE within our LAN or create a VLAN to make file sharing fast.
I can see this computer on the local network but accessing the files on our server from this remote computer is very slow when transfer a file.
Your help is highly appreciated and I will try your hint Etuate to test it and see how it goes and then let you know if it solves our problem.
Cheers
On 11/18/13, Etuate Cocker eduade.2001@gmail.com wrote:
Hi Tarau, I am not sure where VLAN fit into your scenario as this is meant to segment broadcast in a LAN. Depending on how you are connected to your ISP you certainly need PPPOE if this is the WAN protocol in use. You can setup two types of VPN here depending on the capability of your router. If you setup site to site which is configurable
on router using IPSEC.
Alternatively you can setup PPTP on file server and set up client to dial in to your server and to establish your VPN. This is doable on most Window server versions.
Etuate Cocker Casual Developer/Instructor/Network Engineer 10 Ngatira pl, Manurewa, Auckland. CCNA, CCNP, CCAI, CEH.
On Mon, Nov 18, 2013 at 9:11 PM, Tarau Bauia tbauia@gmail.com wrote:
Dear Colleagues,
I want to seek for ideas on how to make a connection fast and secure to remote access our branch office and able to share files with this computer. The setting goes like this remote computer connect to DSL modem to ISP to DSL Modem at our main office and get its ip address from our branch office.
PC--->DSL--->ISP---->DSL---Router---Switch---File Server
Do I need to set up a secure PPPOE connection for this? Or Use a router feature to set up a VPN connection? This router has VLAN feature so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not.
I haven't tried this but these are all my ideas and if you guys know which would be best then I would highly appreciate your comments.
Cheers
--
Tarau Bauia IT,PUB Betio Tarawa
PH:63792
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
--
Tarau Bauia IT,PUB Betio Tarawa
PH:63792
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not
Hi Tarau
From what you have described, the limitation here is the bandwidth provided by the DSL link.
Putting the remote pc and server on the same vlan/subnet will not make it faster as it still needs to go over the same link.
Thanks Epeli,
I thought I have to do something to make this connection fast but maybe the problem is a bandwidth provided by my ISP. I will check with them but if guys know whether encryption is needed between this two nodes then please let me know.
Cheers
On Tue, Nov 19, 2013 at 7:04 AM, Epeli Tagi epelit@sprep.org wrote:
so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not
Hi Tarau
From what you have described, the limitation here is the bandwidth provided by the DSL link.
Putting the remote pc and server on the same vlan/subnet will not make it faster as it still needs to go over the same link.
Your throughput can be enhanced with VPN if ISP is prioritizing VPN related traffic. That is with use of QoS and proper SLA with ISP. As per email from Epeli, you definitely need to know speed of your DSL links. If speed is not the issue then check with ISP if QoS is in use, if so what the different classes of traffic.
Etuate Cocker Casual Developer/Instructor/Network Engineer 10 Ngatira pl, Manurewa, Auckland. CCNA, CCNP, CCAI, CEH.
On Tue, Nov 19, 2013 at 9:18 AM, Tarau Bauia tbauia@gmail.com wrote:
Thanks Epeli,
I thought I have to do something to make this connection fast but maybe the problem is a bandwidth provided by my ISP. I will check with them but if guys know whether encryption is needed between this two nodes then please let me know.
Cheers
On Tue, Nov 19, 2013 at 7:04 AM, Epeli Tagi epelit@sprep.org wrote:
so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not
Hi Tarau
From what you have described, the limitation here is the bandwidth provided by the DSL link.
Putting the remote pc and server on the same vlan/subnet will not make it faster as it still needs to go over the same link.
--
Tarau Bauia IT,PUB Betio Tarawa
PH:63792
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Hi, the speed is 128 Kbits up and down, that what they said. Do you think would that speed sufficient to transfer a file about 50MB from file server to remote computer or do I need so software to make this transfer possible?
On Tue, Nov 19, 2013 at 8:49 AM, Etuate Cocker eduade.2001@gmail.comwrote:
Your throughput can be enhanced with VPN if ISP is prioritizing VPN related traffic. That is with use of QoS and proper SLA with ISP. As per email from Epeli, you definitely need to know speed of your DSL links. If speed is not the issue then check with ISP if QoS is in use, if so what the different classes of traffic.
Etuate Cocker Casual Developer/Instructor/Network Engineer 10 Ngatira pl, Manurewa, Auckland. CCNA, CCNP, CCAI, CEH.
On Tue, Nov 19, 2013 at 9:18 AM, Tarau Bauia tbauia@gmail.com wrote:
Thanks Epeli,
I thought I have to do something to make this connection fast but maybe the problem is a bandwidth provided by my ISP. I will check with them but if guys know whether encryption is needed between this two nodes then please let me know.
Cheers
On Tue, Nov 19, 2013 at 7:04 AM, Epeli Tagi epelit@sprep.org wrote:
so I'm thinking of making these two branch PC and File Server one VLAN Group so that they can communicate fast, but I don't know whether this would make any difference in transmitting data from our file server to our remote computer or not
Hi Tarau
From what you have described, the limitation here is the bandwidth provided by the DSL link.
Putting the remote pc and server on the same vlan/subnet will not make it faster as it still needs to go over the same link.
--
Tarau Bauia IT,PUB Betio Tarawa
PH:63792
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Hi, the speed is 128 Kbits up and down, that what they said. Do you think would that speed sufficient to transfer a file about >> 50MB from file server to remote computer or do I need so software to make this transfer possible?
In ideal conditions (using max 128Kbps and link is stable) a 50MB file would take at least 50 minutes to download. If the DSL link has other traffic such as internet or email etc, all these data streams will share the bandwidth which will result in more file transfer time.
1. I have not used it before but there are FTP software (such as WinSCP) that have resume support. Basically if your file transfer times out, it will resume the download when connection is restored. This is very useful for unstable, slow links.
2. QoS was mentioned by Etuate. Without involving your ISP, you can also set outbound QoS on both ends of your link to always prioritize your file transfer traffic.
3. Final option is to get more bandwidth. A 2Mbps link with transfer your 50MB file in approximately 3 - 4 minutes. Hope this is helpful. Epeli
Epeli Tagi | Information Technology Network System Support Engineer Ing?nieur charg? des r?seaux et du soutien informatiques Phone | +685 21929 Ext 308 | Fax | +685 20231 | Website | www.sprep.orghttp://www.sprep.org | Email | epelit@sprep.orgmailto:epelit@sprep.org |
[cid:e-sig-cs]http://www.sprep.org [cid:9thpnc] http://www.sprep.org/pacificnatureconference The Pacific environment - sustaining our livelihoods and natural heritage in harmony with our cultures
[cid:company2]
This communication contains information which is confidential and the copyright of SPREP. It is intended solely for the addressee. If you are not the intended recipient, any disclosure, copying or distribution is prohibited and may be unlawful. Due care has been taken by SPREP to scan for viruses by SPREP's automated virus scanning software. However, SPREP accepts no responsibility for any effects of this email message or attachments on any damage caused to your computer system or network.
May be off-topic, but here is a nice video explaining 'why the internet is slow' from another mailing list.
http://mirror.linux.org.au/linux.conf.au/2013/ogv/Bufferbloat_from_a_Plumber... (Duration 41:20)
On 11/19/2013 10:42 AM, Epeli Tagi wrote:
Hi, the speed is 128 Kbits up and down, that what they said. Do you
think would that speed sufficient to transfer a file about >> 50MB from file server to remote computer or do I need so software to make this transfer possible?
In ideal conditions (using max 128Kbps and link is stable) a 50MB file would take at least 50 minutes to download.
If the DSL link has other traffic such as internet or email etc, all these data streams will share the bandwidth which will result in more file transfer time.
I have not used it before but there are FTP software (such asWinSCP) that have resume support. Basically if your file transfer times out, it will resume the download when connection is restored. This is very useful for unstable, slow links.
QoS was mentioned by Etuate. Without involving your ISP, youcan also set outbound QoS on both ends of your link to always prioritize your file transfer traffic.
Final option is to get more bandwidth. A 2Mbps link withtransfer your 50MB file in approximately 3 - 4 minutes.
Hope this is helpful.
Epeli
*Epeli Tagi* | Information Technology Network System Support Engineer Ingénieur chargé des réseaux et du soutien informatiques *Phone* | +685 21929 Ext 308 | *Fax* | +685 20231 | *Website* | *www.sprep.org* http://www.sprep.org| *Email* | epelit@sprep.org mailto:epelit@sprep.org |
http://www.sprep.org http://www.sprep.org/pacificnatureconference /The Pacific environment - sustaining our livelihoods and natural heritage in harmony with our cultures/
This communication contains information which is confidential and the copyright of SPREP. It is intended solely for the addressee. If you are not the intended recipient, any disclosure, copying or distribution is prohibited and may be unlawful. Due care has been taken by SPREP to scan for viruses by SPREP's automated virus scanning software. However, SPREP accepts no responsibility for any effects of this email message or attachments on any damage caused to your computer system or network.
pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog
Thank you Epeli, I'm starting to get the idea prioritizing the link between these two. I will check on vigor router manual and tutorials for QoS but that means if they both on the same switch then QoS can also apply?..
Cheers
On Tue, Nov 19, 2013 at 9:42 AM, Epeli Tagi epelit@sprep.org wrote:
Hi, the speed is 128 Kbits up and down, that what they said. Do you
think would that speed sufficient to transfer a file about >> 50MB from file server to remote computer or do I need so software to make this transfer possible?
In ideal conditions (using max 128Kbps and link is stable) a 50MB file would take at least 50 minutes to download.
If the DSL link has other traffic such as internet or email etc, all these data streams will share the bandwidth which will result in more file transfer time.
I have not used it before but there are FTP software (such asWinSCP) that have resume support. Basically if your file transfer times out, it will resume the download when connection is restored. This is very useful for unstable, slow links.
QoS was mentioned by Etuate. Without involving your ISP, you canalso set outbound QoS on both ends of your link to always prioritize your file transfer traffic.
Final option is to get more bandwidth. A 2Mbps link withtransfer your 50MB file in approximately 3 - 4 minutes.
Hope this is helpful.
Epeli
*Epeli Tagi* | Information Technology Network System Support Engineer Ingénieur chargé des réseaux et du soutien informatiques *Phone* | +685 21929 Ext 308 | *Fax* | +685 20231 | *Website* | *www.sprep.org* http://www.sprep.org | *Email* | epelit@sprep.org | http://www.sprep.org http://www.sprep.org/pacificnatureconference *The Pacific environment - sustaining our livelihoods and natural heritage in harmony with our cultures*
This communication contains information which is confidential and the copyright of SPREP. It is intended solely for the addressee. If you are not the intended recipient, any disclosure, copying or distribution is prohibited and may be unlawful. Due care has been taken by SPREP to scan for viruses by SPREP's automated virus scanning software. However, SPREP accepts no responsibility for any effects of this email message or attachments on any damage caused to your computer system or network.
Activity Summary
- 3416 days inactive
- 3416 days old
- pacnog@pacnog.org
- 5 participants
- 11 comments
Participants (5)
-
Epeli Tagi
-
Etuate Cocker
-
Kush, Nishchal
-
Tarau Bauia
-
Thomas Murgan