VPN: Router-to-Router or Client-to-Router??

Hi all,

Want to set up a VPN between a small peer-to-peer lan and two other home
users. Two sites are on DSL, third is FiOS... all have dynamic IPs. I'm
quite familiar with D-Link products, so I'll be using these models for
reference, but feel free to suggest other options (but tell me why
please)... here are my brainstorming results...

1- Three inexpensive DI-804HVs... One at each site... using best security
available between them.

PROS (As I perceive them):
- Possibly better security than using XP client??
- If any site expands, can just plug in additional PCs to to local lans and
not bother with additional connections on PC. Not a big deal, but hey.
- Dial-up access to each site through modem plugged into DB9 port on
DI-804HV (Don't need it right now, but easily might in future)

CONS:
- "Always on" VPN between sites. Greater possibility of attack??

2- One inexpensive DI-804HV at main site... XP client at each remote PC.
PROS:
- Least expensive option.
- When remote PCs are off, there's no tunnel active. Although I realize the
router would be willing to "accept" a potential connection. So I don;t knwo
if my "always on" fear is valid.
- Dial-up access to main site through DB9 port.
CONS:
- Limits me to PPTP.
- Any other security/performance concerns I might be missing.

3- One DFL-200 at main site, NETDEFEND client or DI_804HVs at remotes.
PROS:
- Faster VPN performance (supposedly) I know the "A" in ADSL will affect
speed more than anything.
- Can use NETDEFEND client at remote sites for more robust security.
- Can manage bandwidth to each tunnel.
- Can also use XP client in a pinch.
- Also has DB9 port
CONS:
- A bit more money than I planned.


So basically, my main question is: What are the advantages/disadvantages
of router-to-router vs. client-to-router setups??
Which of the above is best for simple file-sharing between sites? Each site
has net access, each site has printers. We just need some very simple
50-100k files accessed every now and then, and at worst, a 1-2mb PDF might
have to be opened on occasion.

Thanks in advance!

Jester



.

Relevant Pages

  • Re: Active Directory/HIPPA Question
    ... The client ... > roll out AD when their top priority this year is securing the applications ... Security is one of the biggest reasons. ... ESPECIALLY if you have 800 remote offices. ...
    (microsoft.public.win2000.general)
  • Re: Active Directory/HIPPA Question
    ... roll out AD when their top priority this year is securing the applications ... Security is one of the biggest reasons. ... ESPECIALLY if you have 800 remote offices. ... >> I have a potential client who is mulling whether or not to invest a ton ...
    (microsoft.public.win2000.general)
  • VPN: Router-to-Router or Client-to-Router??
    ... Want to set up a VPN between a small peer-to-peer lan and two other home ... - Possibly better security than using XP client?? ... XP client at each remote PC. ...
    (comp.dcom.vpn)
  • Re: Active Directory/HIPPA Question
    ... If these remote sites login with some secure VPN or something to ... The client ... > roll out AD when their top priority this year is securing the applications ... Security is one of the biggest reasons. ...
    (microsoft.public.win2000.general)
  • lame server messages in named.log
    ... Mar 30 05:42:30.526 security: info: client 202.52.250.176#1052: ... query (cache) denied ...
    (RedHat)