You want to replace the remote VPN clients on each PC with a VPN gateway for the entire remote office. For exa...
RemotePC1-----+---(Internet)------------Linksys-----Server | RemotePC2-----+would become
RemotePC1-----+---Router---(Internet)---Linksys-----Server | RemotePC2-----+
There are two ways to accomplish this. You can look for a router that behaves as though it were a VPN client. Or you can create a site-to-site VPN tunnel between the router and the Linksys or Server.
The first method has the advantage of requiring no change to your Server site. Your VPN gateway, whether it's your Linksys or Server, will continue to authenticate the new remote router as though it were just another VPN client. In fact, some PCs can continue to connect as they do now while others connect through the remote router. However, your equipment choices are going to be somewhat limited, because there are not that many routers designed to behave as "hardware VPN clients." For an entry-level example, see the SnapGear SG300.
The second method is more common for securing traffic from a remote office to a central site. It requires compatible VPN gateways at both ends. Depending on the products and protocols you are using today, you may be find a VPN/router that will be directly compatible. This is more likely if you are using IPSEC than if you are using PPTP, since many PPTP products operate in client/server rather than site-to-site mode. One entry-level IPSEC router for site-to-site tunneling is the SonicWALL TELE3. Note that if you're using a Windows 2000/XP/2003 Server as a VPN gateway today, you can just add new security policies for an IPSEC site-to-site tunnel. IPSEC is already part of those operating systems, although many companies prefer using a separate VPN gateway to avoid putting VPN load on the server itself.
If you're looking to reduce VPN costs, you might also want to calculate your VPN capacity to see if you can possibly downgrade your VPN link capacity. This tip explains how to calculate the cost of VPN links, for more information.
Dig Deeper on Network Access Control
Related Q&A from Lisa Phifer
Need to send an email, check your flight's status or get ready for a presentation? You can do it all on your smartwatch, thanks to a slew of Apple ...continue reading
New and improved management features have made Android devices more suitable for enterprise use, and API and EMM tools can streamline the device ...continue reading
Whether you need a basic open source mobile device management tool for your company's Apple or Android devices, or something more customized, you ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.