Looking for solution of security between sites such as VPN site-to-site, MPLS whatev

Hi

I have many servers located in 3 different ISPs (it seems like CDN) but it ain’t secure now, so I’m looking for the solution for that and right now I’m gonna use OpenVPN and Quagga (Router software). I ain’t sure that is the best solution or not. If you guys get any idea, please advise me. Thank you.

Best Regard,
Tony Lertthanakanon

 

Fyi

Hi guys,

I still keep going on the plan. Let take a closer look at my solution below.

1. Three servers will be installed Guaga software as Edge Router and connected to Cisco Multilayer Switch.
2. Basic configurations will be configured at Multilayer Switch and all of them will be routed by static route. Right now all of Edge routers (Quaga) are able to ping each other.
3. Tunneling will be created at three sites as a triangle.
4. OSPF will be used for routing of VPN network. That’s it.

I still need any idea from you guys. If you have any better solution please let me know. Thanks you guys so much.

Tony

 

Right now, I come up with the solution for that. I don't have to buy new router, Cisco ASA or VPN Concentrator. Tunneling has been created on three networks and all of them are capable of pinging via tunnel. Let have a look a information below:

Quagga-R1# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
10.3.3.3 1 Full/DROther 00:00:39 10.10.1.2 tun0bp:10.10.1.1 0 0 0
10.2.2.2 1 Full/DROther 00:00:33 10.10.2.2 tun0bc:10.10.2.1 0 0 0

Quagga-R2# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
10.3.3.3 1 Full/DROther 00:00:33 10.10.3.2 tun0cp:10.10.3.1 0 0 0
10.1.1.1 1 Full/DROther 00:00:30 10.10.2.1 tun1cb:10.10.2.2 0 0 0

Quagga-R3# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
10.1.1.1 1 Full/DROther 00:00:35 10.10.1.1 tun1pb:10.10.1.2 0 0 0
10.2.2.2 1 Full/DROther 00:00:32 10.10.3.1 tun1pc:10.10.3.2 0 0 0​

Tony Lertthanakanon