Simplify and orchestrate VPN networking and configuration tasks.
Post Reply
billeuze
Influencer
Posts: 15
Liked: 1 time
Joined: Jan 24, 2018 8:41 pm
Full Name: Bill Leuze
Contact:

(almost) Full mesh network

Post by billeuze »

Im looking into using this as a VPN solution for our VOIP network.

This would be 100% on premises installation (no azure or other clouds)

We have 12 sites that are currently VPN connected in a hub-spoke pattern which works ok for our business use. Now we are told we have to put our Mitel phone controllers (one in each branch) inside our firewalls. Our current VPN network will not work for our phone system. so I am looking for another (affordable) solution. It seems that even buying an esxi capable PC for each branch that doesn't already have an esxi server is more affordable hardware wise than going with sonicwall, fortigate, etc appliances so we are looking into using Veeam PM as an option to connect our phone controllers only and keeping our existing VPN solution for business use

I know that the documentation points us towards creating a hub-spoke network. But as this means for one branch to talk to another it has to go through the hub, creating twice as many physical router hops as it would to go directly between branches as well as putting extra strain on the head office router and internet connection.

So, my question is if we can create a full mesh network. Can I make each of the 12 sites a hub and have each of the other sites connect as a gateway? I see that in the traditional config, even the hub site has to configure itself as a gateway client, so I would assume that each site could be a hub for the 12 other sites as well as being a gateway client of the other 11 hubs. Can anyone confirm if this is possible?

in reality there are some branches that will not need to connect to all other branches (or connect so rarely that they can route through a hub) so we would not need the full 122 tunnels of a complete full mesh. Probably we would have 3 sites with 11 tunnels and the rest would have 5 or six tunnels each.

HannesK
Veeam Software
Posts: 5704
Liked: 782 times
Joined: Sep 01, 2014 11:46 am
Location: Austria
Contact:

Re: (almost) Full mesh network

Post by HannesK »

Hello,
as I worked for a company that was providing VOIP services... I would not use a free product that is not built for that purpose.

It's not only full mesh, it also requires prioritization of traffic etc.

From my side: VeeamPN is not the product you are looking for.

Best regards,
Hannes

asdffdsa6131
Enthusiast
Posts: 76
Liked: 13 times
Joined: Sep 30, 2018 9:03 pm
Contact:

Re: (almost) Full mesh network

Post by asdffdsa6131 »

i agree 100% with HannesK,
i would not use it for production.

veeampn is a nice product and FREE so it is hard to complain about it and it does seem to work reliably for me but not others.

if you run into problems setting up the voip over vpn, you cannot expect to get tech support, for this FREE product, in a timely manner.

for some reason, veeam decided to switch from openvpn support to wireguard, for site-to-site.
IMHO, this is a mistake.
as wireguard should not be used for production environments yet.

as per wireguard website.
"Some parts of WireGuard are working toward a stable 1.0 release, while others are already there. but these should not be considered real releases and they may contain security quirks (which would not be eligible for CVEs, since this is pre-release snapshot software). "

billeuze
Influencer
Posts: 15
Liked: 1 time
Joined: Jan 24, 2018 8:41 pm
Full Name: Bill Leuze
Contact:

Re: (almost) Full mesh network

Post by billeuze »

Tankyou HannesK and asdffdsa6131 for your comments. I'm still considering this, but with a bit more caution and also looking for more low cost solutions.

In the meantime. Has anyone tried doing a full mesh network?

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests