Oversea Site to Site IPSEC, Bandwidth performance & Internet Question
I'm new and not so good with Firewall, please pardon me if i ask dumb question.
Our HQ and Branch are switching from Cisco to Fortigate Firewall. We are 7000 miles apart. Our current connection from HQ to Branch is via MPLS AT&T connection but due to $$$. We are considering Site to Site VPN option. Is it feasible?
Will there be bandwidth performance issue for site to site VPN? Is 50Mbps enough for site to site ?
After connecting HQ to Branch with site to site IPSEC VPN config, can my branch office still access the internet locally?
For overseas users, that wants to connect to branch office via remote IPSEC or SSL vpn connection. Is it still configurable with site to site in placed?
For our current IPSEC cisco remote VPN connection configuration, once the users are connected via IPSEC VPN, they have no internet connectivity. They have to use proxy in internet options but is very slow. For Fortigate, can users get internet while connected on VPN (IPSEC) ? what are the options?
What are the typical practical problems with Site to Site VPN ?
Worth investigating, but real world experience is difficult to establish from a forum post.
Re performance, the bandwidth is totally down to what you run across the link, what do you have in bandwidth at the moment. I have sites that would cope on a 2mbs link, so no standard sizing for any link.
Finally, yes you can have IPSEC and a local internet breakout, all down the the route table and policies.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.