I know similar questions have been asked but I couldn’t quite find, here or by Google, what I was looking for.
So here is what I know:
We need a VPN to connect 10 stores that are in different locations. What we want to achieve is to be able to share POS database files, other files and to be able to access ads billboard devices in stores from one location.
I know that a VPN can be set up either on the router (which is probably the way to go if we want to be able to access the billboard devices) or on a PC with software.
What I am confused about:
Do I use something like NordVPN or OpenVPN? Or something else entirely?
Also, I heard that people organize groups of PCs with subtasks, like ex. 192.168.50.1, where 50 is the group. Should I do that and where do I do that?
In your case the routers at each location should set up the VPN tunnel (i.e. be the client), because otherwise you’d have to install the VPN client on every single device.
Also, you don’t use a public VPN provider for this, as they don’t really do the same thing. Public VPNs don’t allow you to access other networks/clients in the VPN, they are typically one-way tunnels.
What you need though is a central server somewhere that will accept the VPN connections of your stores and then route the traffic between them. This is where the subnets come into play: Every store should use its own subnet, like you mentioned. If you use the same subnet in every store then your VPN server will see multiple clients that have the same IP address and that will screw up routing because IPs are not unique anymore. You could use 192.168.50.0 as the subnet in store 1, 192.168.51.0 in store 2 etc. You likely have a DHCP server running in every store, you can change the scope there.
It is also worth mentioning that a setup like this is what is typically called a star topology; stores will be connected to your VPN server but they are not connected to each other directly. This means that if store 1 wants to access data from store 2 the traffic flow will be Store 1 → VPN Server → Store 2 → VPN Server → Store 1. This can mean significant network load for your VPN server. If stores do not connect to each other but only need data from a central location that gets accessed via the VPN server then the network load will be lower.
It might also make sense to ask your provider if they can set up routing between your stores so you don’t have to play around with VPNs at all (they will likely implement this using MPLS, which is what you want). This might not be that much more expensive than what you are paying now and you don’t have to deal with the networking infrastructure at all, although you will likely still need to set up different subnets for each store, but that is a pretty easy thing to do.
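The per-store subnet requirement from the answer above can be checked before any tunnel is built. This is an added example, not part of the original answer: the store names and the sample inventory are constructed, and `find_overlaps` and `plan_subnets` are hypothetical helper names. It flags stores whose LANs collide and generates the 192.168.50.0, 192.168.51.0, ... numbering the answer suggests.

```python
import ipaddress
from itertools import combinations

# Constructed sample inventory: store name -> LAN currently set on its router.
STORE_LANS = {
    "store1": "192.168.1.0/24",
    "store2": "192.168.1.0/24",     # same LAN as store1
    "store3": "192.168.50.0/24",
    "store4": "192.168.50.128/25",  # sits inside store3's range
    "store5": "10.0.0.0/24",
}


def find_overlaps(lans):
    """Return sorted (store_a, store_b) pairs whose LANs share addresses.

    Any pair listed here would give the central VPN server two routes for
    the same destination addresses, so it must be renumbered first.
    """
    nets = {name: ipaddress.ip_network(str(cidr)) for name, cidr in lans.items()}
    return sorted(
        (a, b)
        for a, b in combinations(sorted(nets), 2)
        if nets[a].overlaps(nets[b])
    )


def plan_subnets(stores, first="192.168.50.0/24"):
    """Assign consecutive, equally sized, non-overlapping subnets, one per store."""
    net = ipaddress.ip_network(first)
    step = net.num_addresses  # 256 addresses for a /24
    return {
        store: f"{net.network_address + i * step}/{net.prefixlen}"
        for i, store in enumerate(stores)
    }


if __name__ == "__main__":
    for a, b in find_overlaps(STORE_LANS):
        print(f"conflict: {a} {STORE_LANS[a]} overlaps {b} {STORE_LANS[b]}")
    for store, cidr in plan_subnets([f"store{n}" for n in range(1, 11)]).items():
        print(f"{store}: DHCP scope within {cidr}")
```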