Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Igor2014-04-03 11:36:03
Mikrotik
Igor, 2014-04-03 11:36:03

Is such a scheme for remote work with Mikrotik and IP-KVM ATEN CS1708i-AT-G workable?

Scheme:
faa1a261231c44f9b93784566bd89a56.png
Comments:
The right part of the figure is what is already deployed in our office (Mikrotik RB 951G and its subnet)
The left part is what is planned to be deployed. All this is planned to be deployed in a room remote from the office (in the server room). Accordingly, you need to ensure the following:
1. Remotely turn on/off/reboot/reinstall the OS
servers 2. Servers and IP-KVM should be accessible as if they were in the office LAN (right side of the figure)
3. Secure traffic connection between the server and office
Do I understand correctly that using IP-KVM ATEN CS1708i-AT-G and configuring VLAN +VPN between both Mikrotik will I fully fulfill all the requirements? Or are there any pitfalls? So far, there was no experience with IP-KVM, binding to the voiced model (IP-KVM ATEN CS1708i-AT-G) is conditional. This is still planned to be purchased, but everything can be changed

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
S
Sergey, 2014-04-03
@edinorog

No, not correct. A VPN of this width cannot be created through such toys.

Report
K
kodi, 2014-04-04
@kodi

@shanker
Quite a real scheme.
Only it is not clear what you mean by "VLAN + VPN"? vlan in vpn you will not do.

Report
F
fotonboxx, 2014-04-04
@fotonboxx

I'll insert a little off topic - of the two purchased RB2011UAS, one after the reset always loads the default config. Myself.
Of the two RB951-Gs, one does not have a WiFi module.
I don’t have time to go to hand them over to the guarantee, so they are lying around in a box from under some kind of MFP.

Report
K
Kirill Vasiliev, 2014-04-14
@vasilevkirill

Well, firstly L2VPN for l2 forwarding, but if you need to encrypt, then IMHO the only thing is IPSEC, but to drive IPSEC on such pieces of iron, a maximum of 10mbit.
therefore, it is better to do without l2, then you can control traffic without problems, since it will go through the router at layer 3. IPKVM doesn't eat much. only if you do not mean remotemanagment built into the servers, since one mounting of the ISO image can take a lot of time)))

Report
T
Taras M, 2014-07-31
@kalduntus

Hmm, First of all: VLAN can be routed through anything (ip-sec/openvpn/l2tp/pptp/...) doesn't matter. the main thing is speed, you need a lot to fill the image: (time / channel load) you need to emphasize, the fastest according to my tests is the native Tikovsky EoIP + ipsec, in this scheme it’s the most IT, it will give up to 40 megabits, with these devices, Openvpn TAP - will give 15 mbps maximum but L2, TUN- will give a little more than 16-17, depending on the channel and its synchronism. oh yes (!) with big packages. will swim with the little ones. although it is beautiful to mark the mangle, agree on MTU and profit.

Similar questions
L
Luan2020-10-15 15:03:15
Can I get a certificate for a Mikrotik VPN address? 2Reply
S
sprocker2014-07-03 15:25:42
FAR and FTP: why doesn't it get past "Requesting folder name"? 1Reply
D
denn2022-02-22 22:50:55
How to properly organize traffic prioritization in Mikrotik? 1Reply
D
DdarkX2019-01-09 21:05:35
How to solve the problem with vlan on tp-link? 3Reply
E
erlan_962022-02-28 03:21:28
How to configure routing to selected IPs through a separate WAN? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question