Cheap WAN Solutions over the Internet

subyobosubyobo Member Posts: 8 ■□□□□□□□□□
in Off-Topic
Hi all,

I'm new here. I find this forum very helpful. I have some doubts in my head. I have been given a situation in which I need to recommend low cost WAN solutions using the Internet.

I'm thinking of Frame Relay, x.25, ATM and DSL. But I'm not sure about this. Do these technologies use the internet to connect two geographically separated location up? Are there any other technologies that are widely used for this purpose (VPN aside)?

Looking forward to hear from you. Cheers.
· Share on FacebookShare on Twitter

Comments

  • powerfoolpowerfool Member Posts: 1,666 ■■■■■■■■□□
    Short answer is no. These technologies are means to physically connect a network to another, but they are WAN solutions. If you want to use the Internet to connect two locations, you will want to establish a VPN, or Virtual Private Network. One of the most cost effective and reliable ways to do this is to get two firewalls that are capable of being VPN end-points, like the Cisco ASA 5505 (assuming your networks aren't very big, <75 users on each side) or the Sonicwall TZ 210. If your network is larger than that, you will want to bump up to the appropriate model device; the Cisco ASA 5510 can handle a much larger network and will be effective up to 500 users. Also, you can mix and match... bigger location can use a Cisco ASA 5510 and a Cisco ASA 5505 at the smaller location(s).

    If you need assistance, you may want to call on someone to give you further guidance, or potentially implement it for you. Shoot me a PM if you need anything more in-depth.
    2024 Renew: [ ] AZ-204 [ ] AZ-305 [ ] AZ-400 [ ] AZ-500 [ ] Vault Assoc.
    2024 New: [X] AWS SAP [ ] CKA [ ] Terraform Auth/Ops Pro
    · Share on FacebookShare on Twitter
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    subyobo wrote: »
    Are there any other technologies that are widely used for this purpose (VPN aside)?

    Looking forward to hear from you. Cheers.

    Yes, they're called T1's.
    · Share on FacebookShare on Twitter
  • subyobosubyobo Member Posts: 8 ■□□□□□□□□□
    @Powerfool:That's a great answer (and deep enough). Thanks for taking the time to reply me.

    Let me clarify this once and for all. So, VPN is the only low cost alternative to WAN using Internet connection? Is that it?

    I was under the impression that there need to be a WAN solution first and VPN can be implemented over it to provide a secure connection. Looks like I was dead wrong. Thanks for clearing that up.

    @phoeneous: correct me if I'm wrong, isn't T1 a dedicated physical line by itself? I was hoping to learn about technologies that uses the Internet to connect two geographically-separated sites up.

    Cheers and God bless.
    · Share on FacebookShare on Twitter
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    subyobo wrote: »
    I was under the impression that there need to be a WAN solution first and VPN can be implemented over it to provide a secure connection. Looks like I was dead wrong. Thanks for clearing that up.

    Cheers and God bless.

    I think you are confusing the terms wan and vpn. You are not wrong entirely. Unless you have some sort of point-to-point or hub-and-spoke type of circuit like a T1 at each site, frame relay, mpls, etc. then you can use the public internet to connect two locations with a vpn tunnel, provided that those two locations have a public ip address.

    Here is a picture of an ipsec vpn tunnel going through the public internet to connect two geographically seperate locations:

    cisco-router-to-router-ipsec-vpn.jpg
    @phoeneous: correct me if I'm wrong, isn't T1 a dedicated physical line by itself? I was hoping to learn about technologies that uses the Internet to connect two geographically-separated sites up.

    I was using the term T1 loosely. I have several branch offices that connect to the public internet using a T1. That T1 circuit is not frame relay, not x.25, not atm, not dsl. And since those branch offices have a public internet connection through a T1 circuit, I can connect them to each other with ipsec vpn tunnels.
    · Share on FacebookShare on Twitter
  • subyobosubyobo Member Posts: 8 ■□□□□□□□□□
    @phoeneous: That is much clearer. Allow me to conclude the discussion (and correct me if I got it wrong). Two sites that already have internet connection can be connected together using VPN tunneling. Technologies like fr, x.25 and atm are used to connect two sites up, and they do not use the Internet for this purpose.

    I only have one slight doubt. FR, x.25 and atm uses public network (packet switching) to establish connection between to sites, yes? The public network that they use, is that not the Internet?

    I'm sorry for my follow up questions. It must be annoying. My apologies..icon_rolleyes.gif
    · Share on FacebookShare on Twitter
  • it_consultantit_consultant Member Posts: 1,903
    You have to remember that T1 or DSL is a way of delivering data packets over specific cabling. The technology chosen to deliver those packets can be different entirely. For example, we have a nine office location which have a combination of DSL and T1's terminated for each. Over those T1s we have a transparent LAN (essentially WAN vlan tagging) which makes it appear that all of our offices are on the same subnet. Our main firewall is located in a datacenter downtown where our ISP converges all of its traffic before its first major BGP handoff, say from Qwest to Level 3 communications.

    What you would need to know is that you call your ISP, tell them to connect your offices using an appropriate point to point technology, they give you a price, and you pay it. They take care of the routing and delivery of data.

    Thats expensive, if bandwidth is not a primary concern a VPN solution is used. You buy a standard internet connection from your ISP, plug in your firewall, and "nail-up" vpn tunnels between your locations. Your ISP will NOT help you with this configuration and does not care about it, their only responsibility is that you have connection to the internet.
    · Share on FacebookShare on Twitter
  • subyobosubyobo Member Posts: 8 ■□□□□□□□□□
    it_consultant wrote: »
    What you would need to know is that you call your ISP, tell them to connect your offices using an appropriate point to point technology, they give you a price, and you pay it. They take care of the routing and delivery of data.

    Hi it_consultant,

    Is this where technologies like frame relay, x.25 and atm come into picture?
    · Share on FacebookShare on Twitter
  • it_consultantit_consultant Member Posts: 1,903
    Yes - but I don't think many ATM or Frame Relay services are offered anymore. Its now a conglomerate of technologies like MPLS or transparent LAN. It all depends on what the provider offers. In fact, I remember I worked with Verizon a couple of years ago and they wouldn't even tell us the underpinning technology. The bill said "private IP line (PIP) 2.0 MB bandwidth". That connected two offices that were across a couple of time zones.

    In that case it was not wise to simple deliver the line to a switch on either end, we had to purchase our own routers and deploy them at the offices.

    In the situation here in denver, there are only a couple of computers at each office, we our whole network looks like a big layer 2 subnet. We can do that without worrying too much about ARP traffic because we have quite a bit of bandwidth available at each location and only about 100 computers in the whole network.
    · Share on FacebookShare on Twitter
  • subyobosubyobo Member Posts: 8 ■□□□□□□□□□
    it_consultant: That answers it all. You have been very helpful, thank you icon_cheers.gif
    · Share on FacebookShare on Twitter
Sign In or Register to comment.