Configure remote office backup line.
-
I have three buildings located at a distance from each other and all connected with a proprietary optical fiber.
The firewall is in the central office, has a FWA Internet connection and has a backup line with ADSL.
Remote buildings currently do not have a firewall because the protection is on the central one. However, if there is a failure on the fiber connection, no one is able to browse or use the applications on the central server.
My idea is to put something in the peripheral offices that activate a mobile connection in case of failure on the fiber.
At least for surfing the Internet, but if possible also to reach the headquarters via the Internet.
I would like some suggestions on what to expect in the center and in the peripheral offices.
Thanks in advance. -
@whitetiger-it said in Configure remote office backup line.:
My idea is to put something in the peripheral offices that activate a mobile connection in case of failure on the fiber.
Hi,
In this case you are left without a firewall (in the second order places), which is a huge mistake in a production environment!
Everyone thinks that internet browsing should be maintained in case of upstream failure, but this is the most dangerous, entrance from the bad guys' side.
So, I would put a NGFW(s) in every building, smaller ones are sufficient for this endpoints..., it is cost-effective.
One good feature of pfSense is that it handles multiple WAN connections...
https://docs.netgate.com/pfsense/en/latest/multiwan/load-balance-and-failover.htmlon the second, say a WAN2 connection, a 4G LTE connection would be installed, which would be activated in case of a fiber failure....
and here you decide how to configure.................
use 4G LTE temporarily (until fiber is restored) for everything or VPN into the central NGFW and continue to manage the main FW rules from the central office
-
@daddygo
I thank you for the answer.