Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
BSOZ2016-01-12 12:29:09
VPN
BSOZ, 2016-01-12 12:29:09

Which Microtik routers to choose for IPSec organization?

There was a task to organize a VPN connection with remote offices, incl. for video conferencing (FullHD + interactive content), which in our case requires about 50 Mbps (the most frequent conferences with 2-3 participants; in fact, the requirements are, of course, lower, but there are a number of demanding tasks that you don’t want to get into a puddle with ). It is required to organize IPSec with minimal cost.
The solution is seen as an alternative to a VPN solution rented from a provider (high monthly fees and terrible stability problems, but the claimed speed is quite high, in the same orders of magnitude).
What to choose for remote offices from Microtik products (40-50Mbps encryption)? What to choose for central (~100Mbps encryption)?
PS. СКЗИ сертифицированные по ФСТЭК тоже присутствуют, IPSec в плане безопасности скорее как приятная опция.
PPS. В плане топологии: рассмотрим вариант, когда между доп. офисами трафик не ходит, всё через центральный (серверы).

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
Артем, 2016-01-22
@gangz

В центр например 1100AHx2 или уже ccr1008 (избыточный вариант но с большим запасом), в филиалы 951е и будет тебе счастье)

Report
Александр Вершинин, 2016-01-26
@robinfeelgood

telecom-sales.ru/marshrutizatoryi/ethernet-router/... at a price of 27 rubles and telecom-sales.ru/marshrutizatoryi/wi-fi-router/rb9... will give a speed of about 10 Mbps per branch (the limitation is related with the fact that 951 uses the processor for encryption). There is also an MRTG850 with support for hardware encryption - it will work almost at the speed of the port (more precisely, at the speed of the communication channel)

Report
A
Alexander Romanov, 2016-06-26
@moneron89

The cheapest model with support for hardware encryption is RB850Gx2. All CCRs also have hardware encryption. The most inexpensive is CCR1009-8G-1S-PC ($425). In both options, encryption does not load the processor. On rb951, traffic is encrypted by the processor and you will not receive 50 Mbps. I achieved a maximum of 40-45 at 100% CPU.

Similar questions
E
elyd2021-07-28 19:14:32
The ssh tunnel is not working correctly. Why? 1Reply
D
Dmitry2015-11-30 17:17:26
How to properly configure route to exclude the provider's subnet from the VPN connection? 2Reply
S
spitintoetirnity2018-04-09 13:51:43
Failed to activate kali linux network connection. How to fix? 1Reply
M
Maxim2015-12-01 18:13:03
How to implement SSH access to a remote computer connected to the Internet via a usb modem? 1Reply
D
DeLuRe_092020-05-21 22:02:22
Which CRM is suitable for a VPN provider? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question