With regards to combination WLAN/Remote SOHO solutions, what is everyone seeing/deploying? Best of breed remote solution with WLAN solution behind that, or single solution with both? With either, how is it managed for multiple sites?
Have a company who wants to save money by cutting down on real estate by allowing users to work from home with complete setups. They also don't want to purchase more expensive real estate now that they are hiring again. They want to do this without a great deal of complexity. What's the best way?
Really need to take a step back and understand the infrastructure capabilities before looking at the remote access side as it may require significant investment in the infrastructure.
If it's just remote users, have them VPN in.
You could deploy wireless routers to each site, or there are other proprietary solutions. Cisco has Office extend, but that requires the central site to have the right flavour of wireless hardware, such as 5508 and 1131 access points, or 1142.
What are the capabilities and what do the remote clients need? Also, what's their budget?
The requirements would be to have an IP phone, laptop or desktop computer and possibly a wired managed printer at the site. They are open on budget, they would like to know all of their options.
Cisco Office extend can do that and there is a similar solution from Aruba. You really need to engage someone to architect it properly. It may be that simply a wireless router is the best solution.
I can pretty much guarantee they aren't open on budget and will have a figure in their mind as to the value.
How many sites?
I'm working on the prototype for this very solution this weekend. Expect to have it ready tomorrow when I hit it.
Here's the scenario:
Site to Site VPN for Corporate Traffic (interesting traffic) from the SOHO Network to the Corporate Hub (In my case we still have two hubs - that's another issue).
This means that all traffic from each VLAN (Wireless, Voice, Data, and Video) will go to the Corporate Network when needed based on DNS lookup which is routed to the Corp DNS as well as any traffic for corp vlans. This traffic is protected via IPsec and takes the tunnel.
The home network traffic destined for the Internet (not RFC1918) for example would take the normal path out of the network and work effectively as ships in the night. This is normal traffic, is not encrypted and does not take the tunnel.
Is this what you are asking for?
I've done exactly what he said with Aruba for a client, 2500 sites all with a less than $100 AP. Works like a champ. It's part of Aruba's Remote AP architecture, aka Virtual Branch Networking. They have a white paper on it for anyone who is interested.
P. Nugent - about 25 sites to start
Darby - That is the scenario that they are talking about..
Wilddev - $100/per??
The query is sufficiently vague, Darby, that there are multiple solutions.
As it's a wireless forum, there are potential solutions from Cisco and Aruba; Wilddev has put a white paper in; then there is split tunnel VPN like yours. Depends on a lot of factors.
It's difficult to generalise. I probably wouldn't use wireless Virtual Branch or Office Extend, although I'm a wireless guy. I'd probably just rely on the client having internet access and set up VPN access; that's your cheapest solution.
My scenario calls for a Cisco 88x series SOHO Router and is not going to cost $100.00 per user.
The issue is not casual usage but one of a certain degree of security, performance, and unquestionable integrity of the data and content.
The first user, for example, has a 40+ meg pipe to the house and is an executive who needs all of the above services.
Not saying that all users will have such a connection, apparently in some areas of the northeast higher speed data is relatively common fare.
In my neck of the woods we are still at about 10Mbps.
I'm sure there are other solutions and to be honest most of my users just use a Cisco VPN Client and then make their phone calls and assumably video conferencing calls over IPSec VPN just fine.
This solution is for the C-Suite and the VP type; of course it will be the caviar solution.
The same solution would be what most branches might use.
This is similar to an H-REAP scenario for LAPs, however, that is not what is planned. Consider the cost of the LAP.
It may be similar to H-REAP if you had mentioned a centrally managed wireless solution using a WLC etc. I don't see the similarity simply because the 887 can be managed by the WCS.