GOLFMK8
GOLFMK7
GOLFMK6
GOLFMKV

Who can talk to me about hardware VPNs

cb1111

Newbie
Location
Virginia, USA
I have a client with three offices - DC, Albuquerque and Germany. It is one person operation.

His main office is in DC and while he uses a VPN for security on the road, he'd like something that won't slow him down (like a regular VPN) and requires zero skills once set up at his other offices.

He'd like to be able to reach back to the files on his DC computer and use the printer/scanner etc. When in DC, he'd like to be able to access the printer and whatnot at the other offices.

As a bonus, he'll want to be access his US Netflix/Prime account when in Europe and his European Netflix account when in the US (via ROKU).

Amplifi used to have that Teleport device that allowed you to do just that, but they ditched the hardware in favor of a phone based system.

In short, we basically need a two way tunnel that lets him access everything on both sides of the pond by merely logging into his wifi.

He is a bit of a luddite so it needs to be dead simple as there is no real tech support (once set up) outside of DC.

Any thoughts?
 

jimlloyd40

Autocross Champion
Location
Phoenix
Car(s)
2018 SE DSG
Don't know of one in particular but with such strict requirements it's going to be difficult getting a VPN that can perform sufficiently. He needs recommendations from some high powered business guys who travel extensively.
 

helushune

Ready to race!
Location
Austin, TX
Car(s)
2017 GTI Sport 6MT
How deep are your pockets? What does "slow him down (like a regular VPN)" mean?

Since speed seems to be a concern, keep in mind that nothing's going to perform that great across a long distance like that thanks to latency, but OpenVPN or WireGuard should perform pretty decently. The only thing I really know of that's cheap and dead-simple are GL.inet devices. Like this little GL-AR750. As a travel router, they're fine and I have the physical switch on the side of it set to enable/disable a WireGuard VPN back to my home network. I've never done a throughput test on it though.

It sounds like a better solution would be to have routers at each site with a star/hub-and-spoke VPN link to the other sites and allow him to connect in road warrior style to one of his choosing. Personally, I'd use VyOS on a PC-Engines APU2 but the chip shortage has really put a squeeze on their inventory. It'd also require someone comfortable with a command line to do all the initial setup but once it's going, the client side could be as simple as picking a regional site config in the openvpn client gui.
 
Last edited:

GIACUser

Master Wallet Mechanic
Location
USA
Car(s)
MK 6 GolfR
I have a client with three offices - DC, Albuquerque and Germany. It is one person operation.

His main office is in DC and while he uses a VPN for security on the road, he'd like something that won't slow him down (like a regular VPN) and requires zero skills once set up at his other offices.

He'd like to be able to reach back to the files on his DC computer and use the printer/scanner etc. When in DC, he'd like to be able to access the printer and whatnot at the other offices.

As a bonus, he'll want to be access his US Netflix/Prime account when in Europe and his European Netflix account when in the US (via ROKU).

Amplifi used to have that Teleport device that allowed you to do just that, but they ditched the hardware in favor of a phone based system.

In short, we basically need a two way tunnel that lets him access everything on both sides of the pond by merely logging into his wifi.

He is a bit of a luddite so it needs to be dead simple as there is no real tech support (once set up) outside of DC.

Any thoughts?
For connecting business offices try looking at Synology RT 2600 ac routers with their VPN plus product. Not pricey and decent performance for your point to point needs. As far the entertainment stuff I would setup those devices directly with a usual vpn service.
 

uglybastard

Autocross Champion
Location
GOML
Car(s)
Mk6 GTI
I have a client with three offices - DC, Albuquerque and Germany.
the first sentence i immediately think of breaking bad.
 

cb1111

Newbie
Location
Virginia, USA
Thanks guys. I'm amazingly stupid about VPNs (at least the hardware ones). I'm using a couple of vPN's including NordVPN, but they all have the downside of slowing down your throughput significantly.

Here, I usually get about 70-75 up/down, but with the VPN on (even using a local'ish connection), I'm down to 25/30 down and 5/8 up. Almost takes me back to the days of dial up.

Is there a "hardware VPN for dummies" out there somewhere?
 

zrickety

The Fixer
Location
Unknown
Car(s)
09 GTI
I have a client with three offices - DC, Albuquerque and Germany. It is one person operation.

His main office is in DC and while he uses a VPN for security on the road, he'd like something that won't slow him down (like a regular VPN) and requires zero skills once set up at his other offices.

He'd like to be able to reach back to the files on his DC computer and use the printer/scanner etc. When in DC, he'd like to be able to access the printer and whatnot at the other offices.

As a bonus, he'll want to be access his US Netflix/Prime account when in Europe and his European Netflix account when in the US (via ROKU).

Amplifi used to have that Teleport device that allowed you to do just that, but they ditched the hardware in favor of a phone based system.

In short, we basically need a two way tunnel that lets him access everything on both sides of the pond by merely logging into his wifi.

He is a bit of a luddite so it needs to be dead simple as there is no real tech support (once set up) outside of DC.

Any thoughts?
I know we don't often agree, but this is a great question I have been wondering about. I have an IT friend that was just hired at VMware, I will pick his brain.
 

cb1111

Newbie
Location
Virginia, USA
I know we don't often agree, but this is a great question I have been wondering about. I have an IT friend that was just hired at VMware, I will pick his brain.
Yep :) Amplifi's teleport was a great idea. You plugged it in to an outlet, connected it to your modem or router (and computer) and that created a secure tunnel back to the Amplifi modem at your home/office. At Starbucks, you were working as if you were on your home network - with all of the advantages and disadvantages that go with that.
 

shovelhd

Autocross Champion
Location
Western MA
I've done exactly what you are looking to do (different locations) using SonicWall firewalls. They have IPSec and SSL client side products, but the connection between the offices is hardware accelerated, capable of full ISP speed if you choose the right models.
 

cb1111

Newbie
Location
Virginia, USA
I've done exactly what you are looking to do (different locations) using SonicWall firewalls. They have IPSec and SSL client side products, but the connection between the offices is hardware accelerated, capable of full ISP speed if you choose the right models.
Is there anything that is affordable?
 

shovelhd

Autocross Champion
Location
Western MA
Define affordable. This is a business, right?

The cost for SonicWall devices goes up as capacity, throughput, complexity, and options go up. The software is basically the same throughout the line. Hardware VPN is a pretty standard function that should be available on even the smaller lower end devices. To properly design the network, more info is needed.
 

NoGodGetOverIt

Autocross Champion
Location
NC
Car(s)
2017 GTI SE/DSG
Another vote for SonicWall. The company I used to work for was an authorized SonicWall reseller, and they had many products covering the spectrum from small office/home office to corporate/enterprise.
 

cb1111

Newbie
Location
Virginia, USA
Define affordable. This is a business, right?

The cost for SonicWall devices goes up as capacity, throughput, complexity, and options go up. The software is basically the same throughout the line. Hardware VPN is a pretty standard function that should be available on even the smaller lower end devices. To properly design the network, more info is needed.

Another vote for SonicWall. The company I used to work for was an authorized SonicWall reseller, and they had many products covering the spectrum from small office/home office to corporate/enterprise.

You're right, SonicWall sounds interesting and since we're looking at limited users, should be pretty cheap.

Does anybody here do this to the point where they could give specific advice about models etc?

Right now, they are just using the residential routers (RCN in DC, Comcast in NM and who knows what in Europe - probably Vodafone cable) so it would have to play nicely with the existing routers.

Yes it is a business, but a family owned small business and there will be two or three users.
 

shovelhd

Autocross Champion
Location
Western MA
Sure. Contact me offline. I'm not going to do a full WAN design for you, but I can recommend the most appropriate device for each location.
 
Top