VPN Overview

Posted on 2005-05-03
Last Modified: 2010-04-10
I am thinking about setting up a VPN in my office.  I have no experience with vpn's.  The server is a Windows 2003 server sitting behind a proxy server.  Obviously  I will use Microsoft as a resource for doing it, but does anyone have any tips to save me some aches and pains?

Question by:bridgetimiller
    LVL 4

    Expert Comment

    The only thing I would mention is that this solution (I think) will use PPTP as the protocal.  This is not secure enough to meet our companies standards.  We opted to purchase a cisco VPN device that uses IPSec encryption, which is very secure.   You may have issues using pptp over your proxy, depending on how 'smart' you proxy server is.

    Good luck,
    LVL 2

    Accepted Solution

    ok, here is the steps to setup a 2003 server as a vpn device

    1.      make sure you have two nicks
    2.      in network properties, configure the connection with the seccond nic, and rename it something like "VPN".  you also may want to give it a stadic ip address
    3.      make sure you have routing and remote access installed (add remove programs)
    4.      start | programs | routing and remote access
    5.      if it hasnt been configured, click on action, then "configure and enable"
    6.      next
    7.      select vpn
    8.      make sure proper protocols are in
    9.      select correct nic (connection should have name like VPN)
    10.      specify how ip addresses are going to be given out
    11.      select no on RADIUS server, unless you know you want it
    12.      then the vpn server (service) tries to start

    I suggest using a linksys rv042, 170  because its part of cisco, can connect tons of cients to it using ipsec (not pptp), and has its own client software, the other option is to use 's pptp unix appliance, about 250.

    depending on your current router setup you need to put the ms vpn server in  a dmz zone because most routers only recognize one pptp connection, meaning the seccond incoming connectin trying to hit the server would confuse the router.  

    I have tons of clients using linksys devices, and that snapgear thing, I got frustrated with MS's version of it years ago, but I know you have your reasons.

    LVL 2

    Expert Comment

    thanks, i would love to know if you went for my sales pitch on third party connectivity devices insted of MS's software solution, but thanks....

    Author Comment

    It's all still pretty confusing to me, but it definitely gives me a place to start.  If Microsoft only allows one router, then I would have to go with a 3rd party - so I would probably go with what you recommend, as I don't know anything about anything else :)  I think I would lean towards the linsys, not the snapgear.  

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    Suggested Solutions

    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now