All You Need to Know about Site-to-Site VPN


posted by Phi-lac Nguyen
on Sep 28, 2018

A NIFTIT client requested a site-to-site VPN to improve file sharing between two networks of organizations in constant contact (one company provides assets, while the other does the 3D design). Once the VPN was configured, we pushed a group policy to mount a share from the remote office to all the employees. In this case, the VPN made it seem as if the two groups were sharing a network, which increased efficiency and collaborative efforts.

1) Main Benefits

A site-to-site VPN secures communications between two sites over the internet. All the traffic is encrypted using IPsec (Internet Protocol Security). This solution allows for a safe extension of a company’s network.

For example, if a file server is located at the main office and the remote branch needs access to this server, a site-to-site VPN would be useful. Instead of opening access on the file server via the internet, our solution allows for a more secure connection to the file server. It also eliminates the need for each desktop to use a client VPN. 


2) Network Topology 

The simplest network topology is to terminate the internet line directly on the firewall/router, as displayed below:

[Diagram: site-to-site VPN]

However, if you want to dedicate an internet line to the site-to-site VPN, a network architecture like the one shown below could work as well:

[Diagram: site-to-site VPN]

In the second diagram, Firewall A must handle the routing: it forwards all traffic from the main office that is destined for the remote office network to Firewall B. The advantage of this design is that VPN traffic does not consume the bandwidth of the main internet line. However, it does require the addition of a second internet line.
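The routing requirement on Firewall A can be checked mechanically. The following is an added example, not part of the original post: it audits a routing table by longest-prefix match and reports any part of the remote office network that would not be forwarded to Firewall B. The function name, addresses and sample tables are constructed assumptions.

```python
import ipaddress

def audit_firewall_a(routes, remote_net, fw_b):
    """Return findings for remote-office traffic that would not go via Firewall B.

    routes: list of (prefix, next_hop) pairs as configured on Firewall A.
    Forwarding is assumed to use longest-prefix match.
    """
    remote = ipaddress.ip_network(remote_net)
    table = [(ipaddress.ip_network(p), hop) for p, hop in routes]
    findings = []

    # Routes that cover the whole remote network; the longest prefix wins.
    covering = [(n, h) for n, h in table if remote.subnet_of(n)]
    if not covering:
        findings.append(f"{remote}: no route, traffic is dropped")
    else:
        net, hop = max(covering, key=lambda r: r[0].prefixlen)
        if hop != fw_b:
            findings.append(f"{remote}: follows {net} via {hop}, not Firewall B")

    # More specific routes inside the remote network override the covering route.
    for net, hop in table:
        if net != remote and net.subnet_of(remote) and hop != fw_b:
            findings.append(f"{net}: diverted via {hop}, not Firewall B")
    return findings

# Constructed sample data (assumed addressing, not from the original post).
FW_B = "10.1.0.254"        # Firewall B's address on the main office LAN
ISP_GW = "198.51.100.1"    # gateway of the main internet line
REMOTE = "10.2.0.0/24"     # remote office network

GOOD = [("0.0.0.0/0", ISP_GW), (REMOTE, FW_B)]
MISSING = [("0.0.0.0/0", ISP_GW)]                # VPN route forgotten
DIVERTED = GOOD + [("10.2.0.128/25", ISP_GW)]    # stray more specific route

if __name__ == "__main__":
    for name, tbl in (("good", GOOD), ("missing", MISSING), ("diverted", DIVERTED)):
        print(name, audit_firewall_a(tbl, REMOTE, FW_B) or "OK")
```

A missing or overridden route matters for security as well as connectivity: traffic for the remote office then follows the default route toward the main internet line instead of entering the tunnel.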

Here is an example of a configuration from Cisco:
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/119425-configure-ipsec-00.html 

This implementation requires an advanced level of networking knowledge, but when done by a professional it can take just a few hours. To keep implementation time short, it is best if the professional has administrator access to all pieces involved for troubleshooting purposes. 
