What equipment do I use to connect two LANs in different cities? What are the steps?

How do you connect two LANS from different cities? VPN expert Sampath Ramaswami notes the steps to be taken, in this Q&A.

I want to know what equipment to use to connect two LANs together in different cities. The LANs should be able to connect to each other and access files on computers on the other LANs. I don't mind making use of a public resource like the Internet, and I've been looking into VPNs, but I'm not really sure how to implement them or which devices are needed.

There are two primary approaches to your needs. Virtual Private Network (VPN) is a generic term which means you are linking two private networks together, usually across a non-private network (like the Internet). You could purchase a managed VPN service from a service provider -- then that provider would take care of allowing your two LANs to communicate, without allowing other folks in. From your perspective, it would appear as if the two LANs were connected. All tasks related to configuration and maintenance of the network is assumed by the service provider for a monthly fee.

If the two sites already have broadband Internet accesses, you can implement a VPN yourself. With this approach, sometimes called a "DIY VPN" (do-it-yourself VPN), you purchase two firewall devices (one for each site), and configure them to establish an IPsec tunnel with each other. Each device is configured with policies that allow any traffic from one site destined for the LAN at the other site to be carried across that tunnel.

There are many firewall vendors with a wide range of devices. Most router vendors also provide firewall functionality that can be used for VPN connections. If routers already exist at the two locations for the Internet connections, this approach may be the quickest. For the best interoperability, and to make it easier to set up, it would be best to use two devices from the same manufacturer.

With either approach, your packets are encrypted before traveling over the Internet, which maintains privacy and prevents outsiders from seeing your data. All computers in one city would be able to access servers/resources in the other city the same as if they were right next to each other. However, you should keep in mind that some of the applications, such as file sharing may run slowly over the WAN due to its higher latency compared to the LAN.

Dig Deeper on Network infrastructure

Unified Communications
Mobile Computing
Data Center
ITChannel
Close