Two remote office ,Single tally server

B

burntwingzZz

Skilled
Tally is restricted to work on single vlan and it does not have a cloud native solution yet.

i would like to do L2TP LAN to LAN using some routers with Fixed public IP may be Asus ,tp-links have that feature could someone confirm the features by checking your VPN menus and specify the model numbers ?.And also could anyone confirm if those router have L2TP with IPSEC ?

Any other solution will be appreciated as well . the main restriction is tally being lan (single vlan only).
 
smnrock said:
may be wireguard based solution? like setup pivpn/wireguard in vps(oracle cloud free :D).
Click to expand...
well the end user is friend of mine but not savvy , i want to configure it and forget it ,thinking of openvpn on asus routers which can handout 10 ip address from the same subnet in which the tally server resides that could maybe pull off
 
Check out tailscale or zerotier.

Personally using tailscale to remotely connect to pi at home. Sort of like private vlan over internet. No need to figure out nat issues, dynamic ip etc.
Free tier has 1 subnet and 20 devices limit.
Also supports using another device as exit point, using my pi at home as a vpn exit(able to make use of its pihole while on 4g). Can use pi zerotier ip to acces various servers running on it via remote.

Do check and confirm with your security and privacy requirements of your data. Check their documentation. They use wireguard as their vpn protocol.
 
I had done L2 extension with Mikrotik EoIP over L2TP/IPSec for such a case and it is not something that I would consider a success. For unknown reasons file transfers across the EoIP tunnel is fast but Tally is abysmally slow for normal use.
 
deezcnuts said:
Check out tailscale or zerotier.

Personally using tailscale to remotely connect to pi at home. Sort of like private vlan over internet. No need to figure out nat issues, dyjamic ip etc.
Free tier has 1 subnet and 20 devices limit.
Also supports using another device as exit point, using my pi at home as a vpn exit(able to make use of its pihole while on 4g). Can use pi zerotier ip to acces various servers running on it via remote.

Do check and confirm with your security and privacy requirements of your data. Check their documentation. They use wireguard as their vpn protocol.
Click to expand...
my concern an encrypted tunnel and the remote host should get ip from same network subnet where the server lies and should exchange broadcasts over the tunnel
 
deezcnuts said:
Check out tailscale or zerotier.

Personally using tailscale to remotely connect to pi at home. Sort of like private vlan over internet. No need to figure out nat issues, dynamic ip etc.
Free tier has 1 subnet and 20 devices limit.
Also supports using another device as exit point, using my pi at home as a vpn exit(able to make use of its pihole while on 4g). Can use pi zerotier ip to acces various servers running on it via remote.

Do check and confirm with your security and privacy requirements of your data. Check their documentation. They use wireguard as their vpn protocol.
Click to expand...
I am using Zerotier to connect over 30 devices. How does Tailscale compare to it?
 
burntwingzZz said:
my concern an encrypted tunnel and the remote host should get ip from same network subnet where the server lies and should exchange broadcasts over the tunnel
Click to expand...

My bad, i missed the single vlan limitation
TinTinSnowy said:
I am using Zerotier to connect over 30 devices. How does Tailscale compare to it?
Click to expand...
Havent used zerotier. Tailscale felt more user friendly to setup. Just install on all devices and login.
Onoy disadvantages i see are not much in depth control, only dns(maybe free limitation). Network/devices management via tailscale website, mobile app is just to add the device and connect to network.

Currently have 4 devices setup. Pi3b+ seems to be the bottleneck(for exit), not gigabit, usb drives share bandwidth with ethernet.
 
Last edited:
HQ

Network :192.168.1.0/24
DHCP scope range : 192.168.1.200-254


Asus router Opnevpn server Config

It allows max 10 clients over openvpn

Remote tunnel Node /ip range 192.168.1.101-110/24 ,i hope it also supports split tunneling


remote factory ip

network 192.168.2.0/24
DHCP Scope range :192.168.2.200-254

factory pc connects using open vpn client intsalled
 
i used to do the same earlier with my asus router, but i dont have static ip. So had to go through these free dynamic dns services and use openvpn client. But later once i found oracle cloud free solution, i setup pivpn based wireguard and so far fine its fine. It does kind of setup once and forget rest.

of course if you have static public IP, then u can also do similar setup may using raspberry pi.
 
its a office and factory . so my concern is if the hardware fails he can directly replace it and paste the config and the setup will be back up . with raspberry etc things get bit technical un necessarily
 
deezcnuts said:
My bad, i missed the single vlan limitation

Havent used zerotier. Tailscale felt more user friendly to setup. Just install on all devices and login.
Onoy disadvantages i see are not much in depth control, only dns(maybe free limitation). Network/devices management via tailscale website, mobile app is just to add the device and connect to network.

Currently have 4 devices setup. Pi3b+ seems to be the bottleneck(for exit), not gigabit, usb drives share bandwidth with ethernet.
Click to expand...
Ok thanks. I need to figure out if the zerotier clients are open source.
 
Hello, I'm sorry to dig out an old thread, but I have the exact same scenario.

I have Tally gold installed in office and would need to use the license in my factory.
I tried various tutorials setting up L2 vpn but nothing didn't work. I'm not much of a network guy.

I would like to know if anyone has successfully setup VPN to access Tally gold license in multiple location through VPN ?

Thanks for your time.
 
You can use any of the VPN types which will allow you to tunnel layer 2 over it. However my experience in doing so was not satisfactory for Tally. What hardware / software are at the end points in these locations ?
 
I think Tally TSS with Gold Lic. should be enough to cover that. You can connect that PC in additional place with Tally Gold lic using internet and TSS. Anyway do call Tally contacts to confirm. Also what version of Tally are you using in all locations. Its been a long time since I used it myself.
 
bobbyprajan said:
You can use any of the VPN types which will allow you to tunnel layer 2 over it. However my experience in doing so was not satisfactory for Tally. What hardware / software are at the end points in these locations ?
Click to expand...

This is because of the way Tally works, and over VPN, its recommended to use any remote control protocol instead of directly accessing over SMB

Have worked with companies using Tally for over a decade and have done quite a bit of R&D on it.

Would suggest to look into Tally on Cloud from https://www.sawindia.com/ - its pretty cheap when you consider they give a package at 600/user/month with the exception of your Tally license.

Sandeep - 9167760415
 
Back
Top