Author Topic: Setup in Lab between branch Office and HQ through a VPN  (Read 5070 times)

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Setup in Lab between branch Office and HQ through a VPN
« on: July 30, 2017, 06:23:31 PM »
Hi,

First thank you to let us try your solution on lab.

I am doing a study on providing solution for NGO to improve their connectivities with WAN Optimizer.

On my Lab I have this situation.

https://docs.google.com/document/d/1Q_i40NoL8AemC1-13Sr2wsjWF3SiFsGP5-rp7_Jyue4/edit?usp=sharing
Branch PC - WANOSBranch - RouterBranch - Internet - RouterHQ - ServerHQ

a VPN IPSec is setup between both router, but the WanosBranch is not optimization the traffic.
I can from both site, accessing the Wanos server.
wanos can access Internet, and I can see the traffic on the thorough put but with no optimisation.

I read about the option 76, but i don't see this option on the vpn setup for the router (Zyxel)

How the wanos Branch can see the WanosHQ? I suppose I need to give the path? where should I configure it ?

thankds for your help

I am using version 4.
Both wanos are on esxi 6.5

Regards
Smadon

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #1 on: July 31, 2017, 07:16:32 AM »
To add some Info:

I check if the network Interface are ok, and it's fine. See picture.

I even try to switch the interface on both wanos, but without success.

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #2 on: July 31, 2017, 12:33:56 PM »
Furthermore.

I tried to change the encapsulation to UDP, and it still the same, no optimization.

For help, I attached the TCPDump (image attached)
« Last Edit: July 31, 2017, 12:45:56 PM by smadon »

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #3 on: July 31, 2017, 12:39:15 PM »
Don't know if it help,

but in the loggging page :

I have always this message:
Code: [Select]
[Mon Jul 31 14:36:09 2017] : Debug : wdpi received packet without a valid session id
[Mon Jul 31 14:36:09 2017] : Debug : wdpi received packet without a valid session id
[Mon Jul 31 14:36:09 2017] : Debug : wdpi received packet without a valid session id
[Mon Jul 31 14:36:09 2017] : Debug : wdpi received packet without a valid session id
[Mon Jul 31 14:36:20 2017] : Debug : wdpi received packet without a valid session id
[Mon Jul 31 14:36:20 2017] : Debug : wdpi received packet without a valid session id

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 626
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #4 on: July 31, 2017, 01:20:17 PM »
Hi smadon,

If the firewall cannot be configured to not strip TCP options, then I recommend to configure tunnel mode and not bridge mode.
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 626
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #5 on: July 31, 2017, 01:21:54 PM »
Lastly tcpdump shows https traffic, so not expecting to see options there.
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #6 on: August 01, 2017, 08:33:46 AM »
hi,

I am getting more confused :-(
I took out the both router and plug both server on the same switch. (network map attached)
and I still don't see any optimize traffic.

I attached as well the TCP Dump for both server.

is the Option 76 still not going through the LAN ?

Thanks for your help.

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 626
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #7 on: August 01, 2017, 09:07:22 AM »
Good idea to make a simple setup first.

There are no TCP option 76 tags in the TCPdump and therefore optimization is not going to work until that has been resolved:
1) Check that lan0 connects to the LAN side. In other words lan0 connects to the server on the HQ side. lan0 on the branch side connects to the workstation. Both wan0 connects to the network in between them, normally the routers/firewalls. Use the MAC address to determine that it is correct.
2) If running v.4.1.3, make sure the status says licensed and not "Unlicensed - Bypass". If bypass, send the tokens to support at wanos
3) Check the traffic policies to ensure that traffic is not bypassed with a bypass rule.

Think about it, after installing the images, all that is needed is to connect the wan0 interfaces together and start generating non-bypassed TCP traffic. If running >=4.1.3, then load a key as well.
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #8 on: August 01, 2017, 09:28:27 AM »
AHHHH !!
the second point is the issue.
I am still having "Unlicenced - Bypass", I will send another request fror the token to the support right now.
Do you know how long it will take then? I send 2 request (one for HQ and Branch Office) but still waiting the answer.

I will keep you inform if the licence solve my issue.

Regards

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 626
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #9 on: August 01, 2017, 09:47:47 AM »
Usually within a couple hours. Please send an email to support at wanos from. Sometimes trial keys are registered from an email address, that does not exist

Edit: postmaster undeliverable to hes-co.ch
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #10 on: August 01, 2017, 10:02:17 AM »
it work much better now with the licence.  :-)

I will do the  test again with the VPN, and see if it work as well.
Thanks for the support.


smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #11 on: August 01, 2017, 04:45:01 PM »
Hello,

Work fine now over the IPSec Tunnel. So my issue was link with the licence.

Thanks for your help. :-)

llcentinelall

  • Member
  • ***
  • Posts: 7
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #12 on: January 05, 2018, 03:35:38 PM »
Hello,

Work fine now over the IPSec Tunnel. So my issue was link with the licence.

Thanks for your help. :-)

Hello,

I want to know if WANOS has been excellent under your IPsec VPN to date.

You tell me

Thank you

smadon

  • Member
  • ***
  • Posts: 12
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #13 on: January 08, 2018, 09:32:28 AM »
Hi,

I don't know what you mean by excellent, but I can tell you that  it was working.
It did the Job :-)

leezy

  • New
  • *
  • Posts: 1
    • View Profile
Re: Setup in Lab between branch Office and HQ through a VPN
« Reply #14 on: December 03, 2019, 11:04:53 AM »
i think wan optimization happens only if the traffic transfer are untouch... has anyone here tested with Zerto replication? any improvement if still install WANOS between the sites?

any statistical data shows for WANOS over actual production environment?