How to set up an Enterprise VPN using tp-link products
For SMEs, different branches and HQ need virtual private network to share resources, at the same time, when employees travel around, they need a safe remote access to internal network servers.TP-LINK can provide LAN to LAN and client to LAN VPN solutions to meet the Enterprise VPN requirement.
What are the basic needs of Enterprise VPN?
Normally, an Enterprise VPN should meet the following needs:
- High-speed internet access and line redundancy to achieve employee’s effective work.
- Safety, reliability. Defend basic network attacks. Restrict different employee’s Internet bandwidth and server access to make full and proper use of network resources.
- Provide safe tunnels between branches, traveling employees and headquarters, so they can share internal resources like servers conveniently and safely.
What kind of solution can meet the needs of Enterprise VPN?
Topology

What are the highlights of this solution?
- Headquarters and branch can share servers through safe tunnels, and employee can telecommute safely.
By establishing safe tunnels between headquarters and branches, we can share resources like server safely and conveniently. Travelling employee can access company’s server safely and easily through tunnels too.
- High-speed and stable wired LAN network, line redundancy.
Excellent performance Core switch with multiple functions, stable and reliable. Both access switch and core switch have Gigabit Ethernet ports, and can forward packets linearly. And they support LAG which can aggregate uplink port’s bandwidth and achieve redundancy at the same time. If server supports, you can expand bandwidth between server and core switch too. Core switch also supports advanced features like stacks, which makes it easy to expand and upgrade enterprise network.
- Multi-WAN port router, achieve link backup and link aggregation easily.
When multiple ISP lines are available, we can set up link backup or link aggregation function according to our actual requirement to backup and expand our network. Meanwhile, we can restrict bandwidth usage of different users to distribute limited bandwidth properly.
- Abundant features like static routing, VLAN, divides apartment’s authority clearly.
All switches supports VLAN. Core switch can control different apartment’s access to server by setting ACL, layer 3 routing entries.
Which products should I choose to set up the enterprise VPN?
Here is a list which includes the TP-LINK devices for reference:
Headquarters solution:
| Type | Model | Brief Introduction | 
| 
 
 
 
 
 
 Headquarters solution | 
 TL-ER6120 | IPSec/PPTP/L2TP VPN User bandwidth/behavior control Line aggregation/line backup NAT throughput:350Mbps | 
| 
 
 
 T3700G-28TQ 
 | Layer 3 switch with powerful configuration Support VLAN, isolate broadcast domain Support utility functions like ACL, static routing, QoS. Support advanced function like stacking, upgrade network conveniently. | |
| 
 
 T1600G-28TS 
 | High-speed and abundant interfaces, forward packets linearly Support VLAN, IP/MAC/PORT binding Support LAG, expand uplink port’s bandwidth | 
| Type | Model | Brief Introduction | 
| 
 
 
 
 
 
 Branch solution 
 | 
 TL-ER6020 | IPSec/PPTP/L2TP VPN User bandwidth/behavior control Line aggregation/line backup NAT throughput:180Mbps | 
| 
 
 T1700G-28TQ | High-speed and abundant interfaces, forward packets linearly Support VLAN, isolate broadcast domain Support utility functions like ACL, static routing. Advanced function like stacking, upgrade network conveniently | |
| 
 TL-SG108E | High-speed and abundant interfaces, forward packets linearly Support VLAN, IP/MAC binding Support LAG, expand uplink port’s bandwidth | 
Is this faq useful?
Your feedback helps improve this site.
 
                      TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.
 100140
100140