› Forums › Network Management › ZeroShell › VLAN Setup
- This topic is empty.
-
AuthorPosts
-
June 2, 2009 at 4:19 pm #41705
redtdi
MemberI am trying to setup a system that will have 10 VPNs connected to a head office ZeroShell. I want to separate each office from the other offices using VLANs and then connect the Head Office to a MikroTik RB1000 to route traffic to each office.
Which interfaces do I put VLAN Ids on in this system in order to route data from one office through to another office through the LAN-To-LAN VPNs that I have setup?
Thanks,
KenJune 3, 2009 at 1:09 pm #48188redtdi
MemberI would be willing to pay for an hour or so of consulting to help get this setup.
Thanks,
KenJune 3, 2009 at 3:08 pm #48189vpn_rollercoaster
MemberI’m very sure that the MikroTik RB1000 is fully capable of terminating vpn tunnels and controlling policies with access lists with the correct OS Level software image.
It seems like an over kill to terminate the vpn tunnels to zeroshell and then backhaul traffic to the MicroTik router.
Can you provide a diagram of what you’re trying to accomplish because there may be a much simpler way without diving into expensive hardware, software and routing traffic all over the internet.
June 3, 2009 at 3:15 pm #48190redtdi
MemberThe reason we are using ZeroShell is because it does a MUCH better job of VPN tunnels. For some reason we can’t get more than 3.5MBit through any kind of MikroTik tunnel and we get 10MBits + through ZeroShell. Trust me on this I have spent over $10,000 and consulted with many MikroTik gurus and MikroTik themselves only to find that MikroTik can’t handle ENCRYPTED tunnels the way we need.
ZeroShell can’t be monitored with Cacti externally and isn’t as easy to use for firewall rules as a MikroTik which is why we are trying to mix technologies.
Ken
June 3, 2009 at 3:22 pm #48191vpn_rollercoaster
MemberPlease PM me with the hardware/software at each site and the network diagram or post it here.
June 3, 2009 at 4:15 pm #48192redtdi
MemberRemote Office 1-n
Alix running ZeroShell with LAN-To-LAN VPN back to Head Office bridged on single Ethernet port.Head Office
PC running ZeroShell receiving LAN-To-LAN VPNs bridged to a single Ethernet port.What I want is for each Office to be a separate VLAN that will go into the MikroTik then added to a bridge on the MikroTik. This will allow us to monitor traffic for each office by their VLAN interface (using SNMP – Cacti), and apply firewall rules for each office.
ZS:Remote Office —L-To-L— ZS:Head Office —VLAN— RB1000(MikroTik) — Head Office Network
Let me know if you need more. Really the only part I’m struggling is how to configure ZeroShell so that I can see each remote office as a separate VLAN in the MikroTik RB1000.
Thanks,
KenNovember 18, 2009 at 6:09 pm #48193securenet
MemberWas there ever a solution for this post.
The responses simply ended.November 19, 2009 at 2:54 pm #48194ppalias
MemberI don’t know if it solved, but…
I think that on each vpn tunnel you will create a vlan corresponding for that tunnel. Then on the backhaul interface you will enable all the vlans again. Finally you will bridge each vlan tunnel and vlan interface on the backhaul. -
AuthorPosts
- You must be logged in to reply to this topic.