|Nov 28, 2012, 02:22 PM||#1|
Complex network setup
we currently have a fios static business connection for our small creative company. We are getting 5 more static ip addresses (have to get them in increments of 5). We are going to use them to host a few web server type things. We are going to have 1 left over.
We currently use an apple airport for a router as it best allows for apple services. One thing we want to add is VPN. As to not mess things up, I am thinking about getting a separate VPN router to allow remote devices to securely access the network.
I am pretty sure that this will work but want a second option:
Internet connection comes in over a ethernet cable. It is then split via a switch to each of the static ip devices. The first is the real network that is behind the airport extreme. The second will be the VPN router. They will be configured as follows:
xxx.xxx.xxx.101 (external static ip)
192.168.1.1 (internal ip)
192.168.2.2 (internal DNS server redirecting to ISP assigned DNS)
xxx.xxx.xxx.xxx (ISP assigned gateway)
192.168.1.25 - 150 (dhcp lease range)
xxx.xxx.xxx.102 (external static ip)
192.168.1.200 (internal ip)
192.168.1.205 - 215 (dhcp lease range assigned only to VPN clients)
Internal DNS and Gateway would point to airport.
The VPN router in this scenario would be plugged into the main network switch and then should be able to coexists without causing any DNS/DHCP/Gateway conflicts. All internal traffic should go out over the airport, while VPN traffic would come in over the VPN router and out over the airport.
If what I am suggesting works, then under this scenario, I would have all of the benefits of the airport extreme plus the ability to securely reconnect to the network via a VPN connection.
Is what I listed above going to work? If so does anyone have a VPN router suggestion?
|Nov 29, 2012, 01:16 AM||#4|
Re: thanks for the suggestion. Any insight on the configuration question?
I prefer a simpler approach, a SonicWall protecting the WAN side and the Airport configured as a WAP.
|Dec 2, 2012, 06:25 PM||#5|
Have a look at this http://www.countryvpn.com/setting-up...t-extreme-vpn/
Potentially this could work - Airport Extreme has VPN pass-through capability.
Airport could be your sole point of connection to internet. It would pass-through VPN traffic (provided it's configured correctly, Apple website has necessary detail) to the VPN router/providing device.
Just another option - I don't see any need to specifically use a "SonicWall" or indeed any other manufacturer specific device. I'm sure there's a lot of info out there about VPN best-practice etc that you could get ideas from?
|Dec 3, 2012, 12:39 PM||#6|
I don't quite get why you need so many static IPs, although always nice. you can run multiple websites, VPN etc all off a single IP.
Do you run osx server in house? Have you considered running VPN on osx server rather than a router. If you are mainly serving to mac clients it might make life easier and avoid buying new hardware, just a thought.
|Dec 3, 2012, 06:17 PM||#7|
|Thread Tools||Search this Thread|
|thread||Thread Starter||Forum||Replies||Last Post|
|Need some help with network setup||aberdeenandy||Mac OS X Server, Xserve, and Networking||5||May 26, 2014 05:20 PM|
|What is the least complex way to setup a server on my mac mini?||sheetrock321||Mac OS X Server, Xserve, and Networking||7||Apr 26, 2014 04:09 PM|
|11" MacBook Air Owner Connects High-End Graphics Card With Complex Thunderbolt Setup||MacRumors||MacRumors.com News Discussion||384||Feb 18, 2014 02:30 PM|
|How to setup home network||jakudo||Mac OS X Server, Xserve, and Networking||2||Dec 28, 2013 08:26 AM|
|Best internet/network setup?||automagrt||Mac OS X Server, Xserve, and Networking||3||Aug 9, 2012 10:31 AM|
All times are GMT -5. The time now is 03:15 AM.