Understanding Mesh
I have 3 FW, in 3 locations. Currently, I have one site to site VPN. Site3->Site1 this works great, I have a couple devices I send through that tunnel and they behave exactly as I want.
In this scenario, if I am correct, when a device on Site3 uses the VPN and downloads say a 10MB file, the Site1 ISP will see this download as if the device is at Site1, and bandwidth will be used at Site1 for the download, Site1 for "upload" to Site3, and Site3 will use bandwidth downloading the file (from Site1). (Plus whatever overhead there is for the VPN).
How does it work with a mesh network? If Site1 and Site3 are in a mesh where is the end point? Is it still the same as in the above scenario (with just the 2 sites in the mesh)? Does one box still function as the server?
With only 2 boxes, would a mesh be the equivalent to 2 site-to-site VPNs? and with three boxes it would be like having 6 site to site tunnels (1->2, 1->3, 2->3, 2->1, 3->1, 3->2)? or is this completely wrong?
-
Hi, @Rich T. Thanks for taking an interest in the MSP VPN Mesh feature. For local network traffic, it's as you described, there are tunnels between all three boxes: 1->2, 1->3, 2->3, 2->1, 3->1, 3->2.
For Internet traffic, the ability to route one box's Internet traffic through another box is not supported yet. The design team is working on it, and we'd be very appreciative If you could share more about your use cases and potential network topology.
-
Mine are home use (self, 2 grown children). I use the VPN(s) pretty regularly:
- At work, VPN to home / RDP to avoid any work snooping.
- At their apartments, VPN to my home with Work laptop, which also creates a tunnel to work.
- Daughters' apartment, I have a selective VPN route to my home so Netflix password sharing still works
- Use third party VPN on occasion.
I don't really have a need for the MSP, but signed up for the trial to check it out (very cheap for trial). I currently don't even have the boxes added there as I didn't like the "managed from the web" notice in the app and didn't see any real benefit (for me).
Please sign in to leave a comment.
Comments
2 comments