VPN configuration help

Posted on 2005-04-21
Last Modified: 2010-04-18
So I am want to implement a VPN using IPSec tunnel mode (transport if I have to). I am using Smoothwall as a firewall solution and I have a few questions on this one- so I will make sure to reward points graciously. I will need this VPN connection to support my road warriors (laptops- dynamic IP's, Home users (dynamic IP's), and Site-to-Site (Static). Now I know virtually nothing about how this works. We are a domain here at my work and I am guessing they will need to authenticate into our domain somehow- but I do not want to be joing their home PC's to our domain.

A) I am guessing the IPSec client will take the authentication load/role?

B) I need IPSec clients for the people I delegate to have VPN access- can you recommend any free ones?

Ok so on my internal network side- I have learned that I need to setup a Routing and Remote Access Server. I read that it is not particularly wise to set this up on a Domain Controller- so I have chosen my WIndows 2003 Server (which is only our print server).

C) As there anything you can suggest for the config on this server?

D) And finally, once the connection is established- what resources can the users access? How do I make these resources available once they are connected? They will primarily need access to their Users folders (which are mapped on their work pc's)

Thanks guys
Question by:Trihimbulus
    LVL 9

    Expert Comment

    HI some thoughts.
    A: IPSEC is an encryption protocol not authentication. That is done by endpoints. Follow the suggestions in the following link:

    LVL 9

    Accepted Solution

    The rights every user gets is depending on what you allow the user to do on the domain since they have to log in to the domain

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
    On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now