automated site to site vpn recommendations

c b bz_siege_01 at hotmail.com
Mon Jun 27 20:08:24 UTC 2016


Situation: We have salespeople/engineers holding temporary seminars/training/demonstrations in hotel meeting rooms.
Requirements: 
field people need a very plug-n-play, simple, reliable vpn back to corporate offices to present videos/slides/demonstrations. The materials are not accessible via the internet directly, they are in a contained environment at corporate HQ locations but not necessarily on the corp network.the solution should be able to provide wireless to attendees. In some cases, guest login will be fine but in some cases the attendees will have registered and provided login creds prior to the event, and these creds will need to be checked before providing accessthe solution should have the option to split tunnel internet traffic out, but in some cases they need all traffic tunneled and internet will be via our corporate offices (NDA/legal, don't ask, it's just a requirement provided)
Nice-to-have:
 field person should be able to not only access the presentation materials (in their contained network) but also the corporate network. Some early attempts required a user-vpn connection by the field person over the S2S VPN, but it made it clunky to switch back and forth. This isn't mandatory, but it would be nice to provide one solution providing dual-level access: restricted to attendees, less-restricted to field people
Tried this in the past with basic router/switch/wireless and captive portals because we had some inventory available... it was workable but not quick or easy. We really could use a simple solution that you just flip on, it calls home, and works... or as close to that as possible.
Have been looking at Meraki and a couple other low-touch solutions and they may do the trick, but we are hoping there are lower cost options that people have used successfully? We don't mind dealing with some off brands and even some custom coding (within reason) as long as the end result is a low-touch, reliable solution.
Thanks in advance. 		 	   		  


More information about the NANOG mailing list