Solved

Getting E-mail over VPN and a couple other things.

Posted on 2004-08-06
13
218 Views
Last Modified: 2010-04-12
I'm not too experienced with VPN's, so I have a couple questions concerning our RAS server.

#1. Once they (our remote users) are authenticated through the Microsoft PPTP VPN on our server, will Outlook be able to talk to our Exchange server (I know I would still have to do Outlook's little first time setup wizard.)?  I want our clients to be able to get their e-mail like they are attached to our internal network. Right now our users access their e-mail through Terminal Services, however it has become necessary to get their PC's directly connected to our network so they can download their e-mail as if they were within our LAN.

#2. Once they are attached through a VPN, I'll be able to ping their PC, right (all offices are behind firewealls with NAT)? This is important for remote trouble-shooting. I use TightVNC for one of our offices that is hooked up via a Cisco VPN. My other remote offices don't have Ciscos though, so I'm not sure what my limitations are without a Cisco.

#3. Would I be able to join their PC to our Domain once they are connected?

Thanks for the info. WAN technology (specifically the setup of it) is a new field for me, so I appreciate any help I can get on this stuff.
0
Comment
Question by:mckeough
  • 6
  • 6
13 Comments
 
LVL 2

Assisted Solution

by:Teaman27
Teaman27 earned 150 total points
ID: 11737290
Once they are connected to your network, their outlook will work just as they are in the office.  You will have to make sure they ahve the correct settings to access your exchange server.

Other than that they don't need to do anything but connect.

I haven't tried the VNC part yet on my network.  I use WINVNC.

0
 
LVL 36

Accepted Solution

by:
grblades earned 350 total points
ID: 11737388
Hi mckeough,
Yes you should not have any problems doing any of that. Just make sure that when clients connect they use your DNS server and then you won't have any problems with joining the domain etc...
0
 

Author Comment

by:mckeough
ID: 11751692
Thanks for the input! Grblades, you're saying I need to configure their settings to use my DNS server once they're connected... How should I configure this? Are you saying I should use Network Connections>TCP/IP Configuration>Properties>Alternate Configuration, and put the IP of my DNS server in there?
0
 
LVL 36

Expert Comment

by:grblades
ID: 11752737
The VPN server will issue an IP address for the client to use. This is done via DHCP and as part of this the server can also say which DNS servers should be used. You  need to specify the IP address(s) of your internal DNS servers in this configuration section.

I haven't used windows vpn before (I use Cisco) so I can't tell you where this is configured.
0
 

Author Comment

by:mckeough
ID: 11752931
EW! Good! You use Cisco! I'll increase the points to 500 if you can help me with this. The other half of this thing is actually connecting. If I setup a VPN connection I need to give them a valid IP address of our DNS server. However we're behind a Cisco 1720 fireall/router, (I think it's IOS 12.2) which is performing NAT for us. So instead of our real IP address our DNS server actually has an address of 192.168.254.1. Obviously I can't use that IP address to connect to. What should I do to our Cisco to let someone connect to our server behind this firewall? I don't know much about Cisco routers. What I do know about our Cisco is how to look at the access list, pull up configurations, etc... Very basic things. I haven't actually setup an access list on a Cisco yet.

If you would rather me post this as a new question then feel free to ask for a new one. I just want to get this thing done so I can start providing a few much-needed services to our remote users. Thanks!

Oh, one more thing, right now buying a Cisco for at least one of our offices is not an option. I just wanted to let you know in case you thought we could setup a Cisco VPN. We don't have a Ciscos on the other end.
0
 
LVL 36

Expert Comment

by:grblades
ID: 11752965
I suggest you post it as a new question as other may be able to help you more than I can. I haven't used NAT/VPN on routers myself (I use a PIX for this).
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:mckeough
ID: 11753000
OK, will do. Just curious, one of our offices have a Cisco PIX. Is that easier to setup than a Cisco 1720?
0
 
LVL 36

Expert Comment

by:grblades
ID: 11753018
Bear in mind that with VPN the packet is encrypted and decrypted at the VPN server. So therefore if a client establishes a connectoion to the VPN server on the internal network they will effectivly be directly connected to the internal network. Therefore you just issue the internal IP address of the DNS server for the client to use.
As the router is running NAT the only thing you need to worry about is redirecting PPTP traffic to the internal VPN server. PPTP uses udp port 1723 and IP protocol 47 (GRE)
0
 
LVL 36

Expert Comment

by:grblades
ID: 11753041
They are probably about the same. I have used a PIX before so naturally I will find it much easier than a router as I have previous experience and have answered a number of PIX questions here.

I have documented a couple of example configurations on my website:-
http://www.gbnetwork.co.uk/networking/
0
 

Author Comment

by:mckeough
ID: 11753202
Nice website, I'll be sure to read up on what you have posted there for the RADIUS server. One LAST thiing (I promise.) Again, if you think I should post this as a separate post, let me know.

So if I have things setup properly, our users will actually use the outside IP address, which we'll just say is 69.39.1.2, of our router to connect to? In other words when I tell them what IP address they should connect to, I'll tell them the REAL IP address of this network?

Sorry if these questions seem dumb, but I haven't had any experience with Cisco firewalls before. I like Ciscos, so I think I'll get a book or two (maybe "Ciscos for Dummies", lol).
0
 

Author Comment

by:mckeough
ID: 11753210
Increased points to 500.
0
 
LVL 36

Expert Comment

by:grblades
ID: 11754814
Yes as far as the VPN client is concerned you connect to the external IP address. If the router has VPN on it then it will work otherwise if the VPN server is internal the router will be configured to forward the connections onto the server.
0
 

Author Comment

by:mckeough
ID: 11754886
OK! Thanks!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now