VPN: Router-to-Router or Client-to-Router??

Hi all,

Want to set up a VPN between a small peer-to-peer lan and two other home users. Two sites are on DSL, third is FiOS... all have dynamic IPs. I'm quite familiar with D-Link products, so I'll be using these models for reference, but feel free to suggest other options (but tell me why please)... here are my brainstorming results...

1- Three inexpensive DI-804HVs... One at each site... using best security available between them.

PROS (As I perceive them):

- Possibly better security than using XP client??

- If any site expands, can just plug in additional PCs to to local lans and not bother with additional connections on PC. Not a big deal, but hey. - Dial-up access to each site through modem plugged into DB9 port on DI-804HV (Don't need it right now, but easily might in future)

CONS:

- "Always on" VPN between sites. Greater possibility of attack??

2- One inexpensive DI-804HV at main site... XP client at each remote PC. PROS:

- Least expensive option.

- When remote PCs are off, there's no tunnel active. Although I realize the router would be willing to "accept" a potential connection. So I don;t knwo if my "always on" fear is valid. - Dial-up access to main site through DB9 port. CONS:

- Limits me to PPTP.

- Any other security/performance concerns I might be missing.

3- One DFL-200 at main site, NETDEFEND client or DI_804HVs at remotes. PROS: - Faster VPN performance (supposedly) I know the "A" in ADSL will affect speed more than anything. - Can use NETDEFEND client at remote sites for more robust security. - Can manage bandwidth to each tunnel. - Can also use XP client in a pinch. - Also has DB9 port CONS: - A bit more money than I planned.

So basically, my main question is: What are the advantages/disadvantages of router-to-router vs. client-to-router setups?? Which of the above is best for simple file-sharing between sites? Each site has net access, each site has printers. We just need some very simple

50-100k files accessed every now and then, and at worst, a 1-2mb PDF might have to be opened on occasion.

Thanks in advance!

Jester

Reply to
Jester
Loading thread data ...

Jester - Just went through setting up VPN with DI-808HV (same as DI-804HV but 8 ports).

As far as I know you cannot set up direct "Always On" VPN between the two sites where both have Dynamic IP...even using Dynamic DNS via dyndns.org,etc. You can setup PPTP server on DI-804HV and create a VPN tunnel from any Windows XP machine or by using software you could create the tunnel on other OS's.

The setup on the DI-804HV requires an IP address for the other end - you cannot enter a URL.

Took quite a lot of tinkering to solve my problems with the DI-808 - seems to be working OK now but rather slow. I'd like to hear how your project turns out.

Jester wrote:

Reply to
ilwingsfan

Thanks for the info! Anyhow, my situation has changed a bit... we found a great deal on a used DFL-200 and took it. Should be receiving it by next week.

So now the question is, what's the best way to set up the sites having a DFL-200 at the main site... would it be DI-804HV's or NETDEFEND clients at each site?? Or even plain old XP client at the remotes??? I kind of like the idea of a hardware solution at each site to avoid using resources from the remote PCs, at least to use as little as possible...

Can the DFL-200 allow a remote site to have a URL instead of IP?

Thanks

Reply to
Jester

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.