Solved

Getting E-mail over VPN and a couple other things.

Posted on 2004-08-06
13
219 Views
Last Modified: 2010-04-12
I'm not too experienced with VPN's, so I have a couple questions concerning our RAS server.

#1. Once they (our remote users) are authenticated through the Microsoft PPTP VPN on our server, will Outlook be able to talk to our Exchange server (I know I would still have to do Outlook's little first time setup wizard.)?  I want our clients to be able to get their e-mail like they are attached to our internal network. Right now our users access their e-mail through Terminal Services, however it has become necessary to get their PC's directly connected to our network so they can download their e-mail as if they were within our LAN.

#2. Once they are attached through a VPN, I'll be able to ping their PC, right (all offices are behind firewealls with NAT)? This is important for remote trouble-shooting. I use TightVNC for one of our offices that is hooked up via a Cisco VPN. My other remote offices don't have Ciscos though, so I'm not sure what my limitations are without a Cisco.

#3. Would I be able to join their PC to our Domain once they are connected?

Thanks for the info. WAN technology (specifically the setup of it) is a new field for me, so I appreciate any help I can get on this stuff.
0
Comment
Question by:mckeough
  • 6
  • 6
13 Comments
 
LVL 2

Assisted Solution

by:Teaman27
Teaman27 earned 150 total points
ID: 11737290
Once they are connected to your network, their outlook will work just as they are in the office.  You will have to make sure they ahve the correct settings to access your exchange server.

Other than that they don't need to do anything but connect.

I haven't tried the VNC part yet on my network.  I use WINVNC.

0
 
LVL 36

Accepted Solution

by:
grblades earned 350 total points
ID: 11737388
Hi mckeough,
Yes you should not have any problems doing any of that. Just make sure that when clients connect they use your DNS server and then you won't have any problems with joining the domain etc...
0
 

Author Comment

by:mckeough
ID: 11751692
Thanks for the input! Grblades, you're saying I need to configure their settings to use my DNS server once they're connected... How should I configure this? Are you saying I should use Network Connections>TCP/IP Configuration>Properties>Alternate Configuration, and put the IP of my DNS server in there?
0
 
LVL 36

Expert Comment

by:grblades
ID: 11752737
The VPN server will issue an IP address for the client to use. This is done via DHCP and as part of this the server can also say which DNS servers should be used. You  need to specify the IP address(s) of your internal DNS servers in this configuration section.

I haven't used windows vpn before (I use Cisco) so I can't tell you where this is configured.
0
 

Author Comment

by:mckeough
ID: 11752931
EW! Good! You use Cisco! I'll increase the points to 500 if you can help me with this. The other half of this thing is actually connecting. If I setup a VPN connection I need to give them a valid IP address of our DNS server. However we're behind a Cisco 1720 fireall/router, (I think it's IOS 12.2) which is performing NAT for us. So instead of our real IP address our DNS server actually has an address of 192.168.254.1. Obviously I can't use that IP address to connect to. What should I do to our Cisco to let someone connect to our server behind this firewall? I don't know much about Cisco routers. What I do know about our Cisco is how to look at the access list, pull up configurations, etc... Very basic things. I haven't actually setup an access list on a Cisco yet.

If you would rather me post this as a new question then feel free to ask for a new one. I just want to get this thing done so I can start providing a few much-needed services to our remote users. Thanks!

Oh, one more thing, right now buying a Cisco for at least one of our offices is not an option. I just wanted to let you know in case you thought we could setup a Cisco VPN. We don't have a Ciscos on the other end.
0
 
LVL 36

Expert Comment

by:grblades
ID: 11752965
I suggest you post it as a new question as other may be able to help you more than I can. I haven't used NAT/VPN on routers myself (I use a PIX for this).
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:mckeough
ID: 11753000
OK, will do. Just curious, one of our offices have a Cisco PIX. Is that easier to setup than a Cisco 1720?
0
 
LVL 36

Expert Comment

by:grblades
ID: 11753018
Bear in mind that with VPN the packet is encrypted and decrypted at the VPN server. So therefore if a client establishes a connectoion to the VPN server on the internal network they will effectivly be directly connected to the internal network. Therefore you just issue the internal IP address of the DNS server for the client to use.
As the router is running NAT the only thing you need to worry about is redirecting PPTP traffic to the internal VPN server. PPTP uses udp port 1723 and IP protocol 47 (GRE)
0
 
LVL 36

Expert Comment

by:grblades
ID: 11753041
They are probably about the same. I have used a PIX before so naturally I will find it much easier than a router as I have previous experience and have answered a number of PIX questions here.

I have documented a couple of example configurations on my website:-
http://www.gbnetwork.co.uk/networking/
0
 

Author Comment

by:mckeough
ID: 11753202
Nice website, I'll be sure to read up on what you have posted there for the RADIUS server. One LAST thiing (I promise.) Again, if you think I should post this as a separate post, let me know.

So if I have things setup properly, our users will actually use the outside IP address, which we'll just say is 69.39.1.2, of our router to connect to? In other words when I tell them what IP address they should connect to, I'll tell them the REAL IP address of this network?

Sorry if these questions seem dumb, but I haven't had any experience with Cisco firewalls before. I like Ciscos, so I think I'll get a book or two (maybe "Ciscos for Dummies", lol).
0
 

Author Comment

by:mckeough
ID: 11753210
Increased points to 500.
0
 
LVL 36

Expert Comment

by:grblades
ID: 11754814
Yes as far as the VPN client is concerned you connect to the external IP address. If the router has VPN on it then it will work otherwise if the VPN server is internal the router will be configured to forward the connections onto the server.
0
 

Author Comment

by:mckeough
ID: 11754886
OK! Thanks!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now