سلام کمک، من ایجاد شبکه WAN برای کسب و کار برای حدود 300 نفر در مقر و 40 نفر در هر شاخه (5 شاخه). VPN است یک موضوع نسبتا جدید برای من-من از اصول مطلق اما این کافی نیست.
آنچه تا کنون دارم: من فکر از IPsec VPN در اتصال مش (همه شاخه نیاز به متصل شود با یکدیگر و با HQ). سوال اول: IPsec یک انتخاب خوب است? آید به فایروال امنیت یخ به اندازه کافی چگونه نگاه نمی شود؟
بعد سوال-آیا نیاز به برخی از نرم افزار اضافی و یا روتر شبکه اختصاصی مجازی تابع به اندازه کافی (با پیکربندی البته) با? یخ هر اتصال از طریق VPN (معنی VPN در ارتباط بین شعب و HQ استفاده می شود و همچنین در عادی اینترنت استفاده و مسیریاب استفاده NAT) ساخته شده است؟
اگر من VoIP به من شرکت خواهد شد این تغییر چیزی برای تونن?
چگونه VPN پیکربندی نگاه (ام خواندم چیزی درباره پیکربندی چندین تونل).
ویرایش: چگونه من کل شبکه من “مداوم” برای یک کاربر اطمینان حاصل شود که انجام?
I think you want to post this in /r/networking.
This sub is more for personal VPNs that allow people to use the internet anonymously. Those VPNs normally route all user traffic through the VPN tunnel so the user’s ISP doesn’t see any traffic going anywhere else.
The one my company uses modifies the client’s routing table so the company’s internal networks are routed and encrypted through the VPN tunnel, while all normal internet traffic just goes straight out through the ethernet/wifi interface. When my VPN is off, my routing table only has 3 entries. When I connect to VPN, the routing table has 6 new entries for the corporate networks.
I believe in our case, the VPN router is just the hardware, but each user has to install software on their computer to use it.
In my experience in this sub is for beginner users not beginner network admins. Perhaps a network engineer sub might serve you better.
I’m a dev so I’d have to do the same googling to get the answers as you. Sorry :-/
As stated, you are looking for an enterprise level solution, most things on this sub deal with end users and related issues.
>Is every connection made via VPN (meaning VPN is used in connection between branches and HQ and also in normal internet usage – the router uses NAT)?
I think you may find that the routing is more important than the vpn (assuming it works correctly). If you want a mesh (if thats good would depend on your connections between the sites), you probably want a routing protocol like OSPF. There would be no point in using the internet connection in another site, but it could be done.
IPSec is not [recommended](https://www.howtogeek.com/211329/which-is-the-best-vpn-protocol-pptp-vs.-openvpn-vs.-l2tpipsec-vs.-sstp/).