MPLS VPN for 2 site question

[eddypc]

My company will install a new 2M MPLS vpn line for two site by telecom service provider. According to Service provider, this line won't have real ip address and only connect two site office with closed private network through teleocm's provided Cisco Router. So don't need to pass through both site's firewall.

That means.
(A) Office_A LAN > router ---- vpn ------- router < Office_B LAN

My original idea is as below.
(B) Office_A LAN > firewall > router --- vpn ---- router < firewall < Office_B LAN

I don't have those experience for vpn. Since telecom provider suggests above(A), is it safe? or do most company will make this connection without pass through firewall? Thanks.

 

[dberg35]

I currently run a 3 site MPLS network for a 100 million dollar company and it is totally secure. I also have going through this VoIP between the sites plus share the internet from site a to b&c. If this is a managed service then you will be fine.

 

[eddypc]

You mean item (A) above is fine for not going through firewall? Thanks.

 

[dberg35]

I do have a VPN/Firewall inplace, but AT&T internet router also is firewalled. The MPLS is a secure internal network that links the sites together. The firewall comes into play when the internet is involved.