pfSense Support Subscription

Author Topic: What are the Best Practices for setting up Site-to-Site VPN?  (Read 212 times)

0 Members and 1 Guest are viewing this topic.

Offline rkadmin

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
What are the Best Practices for setting up Site-to-Site VPN?
« on: October 30, 2017, 05:36:29 am »
Hi Team,

We would like to use PFSense on a Desktop PC for 3 Branch Offices.  We would like to run Proxy, Web filter and VPN features on these Desktops. I have following questions:
1) Can we use all 3 features...in a single system?
2) Does it recommended to go ahead with the Desktop system for real time setup?
3) What could be the best configuration of Desktop to run these services with Site-to-Site VPN as well.

Thanks,
Ram.





BlueKobold

  • Guest
Re: What are the Best Practices for setting up Site-to-Site VPN?
« Reply #1 on: October 30, 2017, 08:19:45 pm »
Quote
We would like to use PFSense on a Desktop PC for 3 Branch Offices.  We would like to run Proxy, Web filter and VPN features on these Desktops. I have following questions:
* What is your real budget?
* Do you have old server and/or workstation hardware?
* How many peoples or users must be served in each office?
* What kind of traffic is there usually in the game? (Surfing, mailing, downloading, streaming,.......)
* What kind of protocols are in use, what services will be offered and how strong will be the Internet connection speed?

Quote
1) Can we use all 3 features...in a single system?
Yes, of course you will be able to do so, but in which art and wise do you plan to use the Squid Proxy?
- As a caching proxy
- As a transparent http-proxy between the DMZ servers and the LAN clients
- As a non transparent proxy with user authentication for a better single client logging and so on?

Quote
2) Does it recommended to go ahead with the Desktop system for real time setup?
It should be pointed to many edge data or angle points what kind of desktop system is the best option
for you and will be sufficient as well as you was also not talking about your budget plan here!

Quote
3) What could be the best configuration of Desktop to run these services with Site-to-Site VPN as well.
An older workstation can realize all you need!


Offline rkadmin

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: What are the Best Practices for setting up Site-to-Site VPN?
« Reply #2 on: October 31, 2017, 05:40:21 am »
Thank You for reply.

We don't have specific budget for this, we wish to use desktop with core i3 processor/4GBRAM/500GB Hard disk.

Branch A=50, Branch B=20, Branch C=20

Traffic: Mailing, surfing. Internet Speed is 50Mbps (Up/Down).

Thanks,
Ram.
 


BlueKobold

  • Guest
Re: What are the Best Practices for setting up Site-to-Site VPN?
« Reply #3 on: October 31, 2017, 09:15:11 am »
We don't have specific budget for this, we wish to use desktop with core i3 processor/4GBRAM/500GB Hard disk.
Is enough for all, but pending on the configuration of pfBlockerNG & DNSBL & TDL you may need more
RAM inside.

Quote
Branch A=50, Branch B=20, Branch C=20
Could be also a SG-4860

Quote
Traffic: Mailing, surfing. Internet Speed is 50Mbps (Up/Down).
Could be also a APU2C4