SearchSearch   ProfileProfile   Log inLog in   RegisterRegister 

Data centre set up questions

 
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum
View previous topic :: View next topic  
Author Message
david3733



Joined: 17 Mar 2004
Posts: 2
Location: hORNCHURCH

PostPosted: Wed Mar 17, 2004 12:59 pm    
Post subject: Data centre set up questions

I am very new to this product and just trying to get my head around it, I would like to be able to have a number of external sites, coming into a central data point with Firstspot

client > wireless AP>VPN (LAN) broadband router(behind NAT with static IP>internet>VPN broadband router>Firstspot machine

with the VPN router at the Server end capable of recieving multiple tunnels for the various diferent sites all using ip addressing instead of MAC.

From what I have read this product can do this, i think, but where I am having trouble is at the server end would all the traffic come through the private ip (on a LAN to LAN basis with VPN) and then go out on the public ip?

If so would you need 2 public ip's at the server end or does the software reconize the traffice and deal with it back through the router?

Also does this also mean that that all of the approved traffic after being signed on goes back out through the server router causing a bottle neck or once the clients are signed in does the traffic go out through the local router?

I would also be interested in knowing what the server spec recommendation should be in this situation, would 2000 server be better than 2000 proffessional (being as it appears it does not use a lot of the server facilities although terminal services would be handy), and what processor and ram, would this machine have to be a standalone machine not running any other services

Thank you in advance for any information passed



David
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Mar 17, 2004 4:41 pm    
Post subject:

If there is a router between FirstSpot and AP, you need to setup "Multiple Network Segments". Please refer to Scenerio 3 of the Chapter "Network Topologies" in the firstspot_guide.pdf.

Keep in mind that you need to use IP-based session handling.

FirstSpot will run in PC with 2 network cards - 1 connects to the Wi-Fi side and 1 connects to the Internet side. Once the users login, the traffic will go through FirstSpot and then to the Internet. FirstSpot is quite efficient and our internal testing shows that the network connection is usually the bottleneck rather than the PC itself (assuming that the network card is 100base-T and PC is reasonably powerful). Both 2000 Server and Professional should work in your case
_________________
~ Patronsoft Limited ~
Back to top
david3733



Joined: 17 Mar 2004
Posts: 2
Location: hORNCHURCH

PostPosted: Wed Mar 17, 2004 5:26 pm    
Post subject:

I have reffered to Scenerio 3 - But ask the question

"I am very new to this product and just trying to get my head around it, I would like to be able to have a number of external sites, coming into a central data point with Firstspot

client > wireless AP>VPN (LAN) broadband router(behind NAT with static IP>internet>VPN broadband router>Firstspot machine

with the VPN router at the Server end capable of recieving multiple tunnels for the various diferent sites all using ip addressing instead of MAC.

From what I have read this product can do this, i think, but where I am having trouble is at the server end would all the traffic come through the private ip (on a LAN to LAN basis with VPN) and then go out on the public ip? "

What I mean by this is sitea and siteb have ADSL with Wifi and VPN site c has server 2000 with first spot runningagain with ADSL and VPN can sites a & b both make contact through the internet to first spot. ?

and as I said in my earlier post about the traffic
"Also does this also mean that that all of the approved traffic after being signed on goes back out through the server router causing a bottle neck or once the clients are signed in does the traffic go out through the local router? "

client>wifi>VPN ADSL>internet>VPN ADSL>firstspot
sign on etc then to browse the net is the client retreiveing data through the same route? if so then surly this must bottle neck the VPN connection at the server end?

Is there no advantages of running 2000 server over 2000 professional?
will terminal services run in administration mode conflict in anyway?

In the Scenerio mentioned above through ADSL the traffic will come into the server through VPN and private address through a ADSL router then traffic going out must go through a public address, does this mean I need to have 2 public Static IP's?
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Thu Mar 18, 2004 4:25 am    
Post subject:

Once the user sign-in, the client will retreiveing data through the same route. You can reduce the VPN overhead by using so-called Authentication Header (AH) mode since there is really no need to encrypt the data (you just need to create a tunnel).

As far as I know, there is some performance advantage for using Windows 2000 Server. Considering that you want to use Terminal Server (yes, FirstSpot is compatible with it), you might want to use Windows 2000 Server.

Regarding the IPs problem, FirstSpot needs a static IP (but not necessary public IP, can be 192.168.0.x) in the private side. In the public side, you of course need a public IP (but not necessary static, since FirstSpot can utilize dynamic IP)

(see http://www.patronsoft.com/forum/viewtopic.php?t=106 for another discussion on VPN tunnel, and http://www.patronsoft.com/forum/viewtopic.php?t=97 for discussion on difference network scenerios)
_________________
~ Patronsoft Limited ~
Back to top
Display posts from previous:   
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group