VPN between to routers or 2 firewalls?

Page may contain affiliate links. Please see terms for details.
M

mapleleaf

MB Enthusiast
Joined
Dec 4, 2002
Messages
1,719
Location
Hinckley, Leicestershire
Car
2022 GLC 300 estate- replaced 2018 Gle 43 AMG Night - replaced previous 2015 E63 AMG
Hi All

following on from my previous thread about installing a VOIP phone system at work, I decided at the last minute to play safe and cancel the VOIP order and stick with ISDN 30 - but still using a Panasonic NCP 1000 PBX so Ican set up a single IP extension using a DSP SIP card to my office in Canada. the idea being to make & receive calls in Canada using the UK office phone system.

I have received conflicting advise regarding how to set up the necessary VPN between the sites which is purely to use the remote IP phone.

My phone guy says a VPN between 2 draytek vigor 2820 routers works fine and is a recommended solution by Panasonic to create a virtual extension. He has installed this solution for several clients in the UK

The PBX wil not be connected to the company IT network behind the firewall. Just the DSP card will be connected directly to the router . At the remote end - its proposed that the IP phone panasonic KXNT 343 is connected into the router in Canada.


My IT guy says no way is that acceptable and I need to run the VPN between 2 cisco pix/ ASA firewalls . We have CISCO pix in the UK and just a cisco/linksys router in Canada ie no separate dedicated firewall hardware. The IT guy basically wants me to buy a CISCO ASA and pay him for the rather complex configuration. I also need to buy som efixed IP addresses - but I dont think my Canadian ISP Bell Canada, provides those.

Does anyone have any experience or opinions in this regard? whats the best way forward?

TIA
 
Sorry but I have not been able to find your previous thread.
Why dont you simply set up an open source SIP PBX and use SIP extensions without getting into any VPN/routers/config. Or you can simply use a hosted PBX solution.
Or you can use two off them and connect them with eachother.
If you can email me ([email protected]) your current/required setup - I might be able to help.
Usman
 
Thanks Usman,

Before I forget,... Can i suggest that you remove your private email address from this very public forum -

The only way the IP extension will work, according to Panasonic techs is through a VPN. My question is really how best to set up said VPN - is it ok between 2 routers from a security / breach point of view - bearing in mind the Draytk routers suggested have fairly good firewalls in them .. or do I have to go CISCO firewall to CISCO firewall . Making the connection more complex and more expensive than I would want .

Hosting etc isnt going to work in this particular case either - just a secure VPN tunnel.
 
I use Vigor(draytek) routers for budget ipsec tunnels, never had a problem with them, Cisco will always be recommended by some as they are market leaders, and I think some Company's only have skills in the top end vpn appliances so will not attempt to create a vpn over anything they see as less capable
 
markmifsud said:
I use Vigor(draytek) routers for budget ipsec tunnels, never had a problem with them, Cisco will always be recommended by some as they are market leaders,
Click to expand...

The Cisco stuff clearly offers capability at the enterprise level.

But the Drayteks are fine at what they do. We've used them for VPNs (various 2600, 2800, 2900, and 2820) for years and they just work.

The only hassle discovered so far is the ADSL 2+ on the earlier 2800 models doesn't seem to like Be (and by inference O2) ADSL lines.

The OP mentioned fixed IPs. If setting up a VPN with one of these boxes you can get away with a fixed IP at one end by making the router at the dynamic IP end responsible for raising the VPN and keeping it permanently active.

However that still leaves the downside of a lack of a fixed IP to access the remote router for admin/config purposes. So it's still better overall with a fixed IP at both ends.
 
Any Cisco or VPN experts here care to make themselves known ? I have a little problem .....
 
thanks everyone

we have decided to keep it simple and stick with router to router and see how it works out. trial & error really. I'll let you know how it goes. install is booked for end of march
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)

Similar threads

M
E55 AMG V8 5.5 Supercharged (600bhp) LPG converted gives 56+mpg Very Rare and Mint Car - 2 Owners
Replies
0
Views
4K
mjansari
M
A
So my brother in England wants to buy a used SL
Replies
13
Views
2K
Merc220cls
Merc220cls
T
Don't lie to your mechanic or wife
Replies
8
Views
1K
Tuercas viejas
T
gr1nch
Resources for protecting your car from attacks
2
Replies
21
Views
2K
Delayed Steve
D
W
How to get Internet access on COMAND
Replies
10
Views
54K
markjay
markjay
Back
Top Bottom