?
Solved

WINDOWS 2000 SERVER TO SERVER VPN via RAS

Posted on 2005-05-13
8
Medium Priority
?
178 Views
Last Modified: 2010-04-14
Hi There,

At the moment I already have RAS setup and clients are able to logon via RAS VPN remotely.  I was wondering if there is a way for me to create a unique policy in RAS just for one connection to another server that would be permanent.  E.G. I wan't to network location A-B (bidirectional authentication and traffics) but I only want to LIMIT RAS server A to only accept B's WAN IP address and vice versa.  Both location has static IP address.  If I can, how would I do so?

Secondly, from what I have been reading it seems as that this type of VPN would require 2 IP addresses.  Is true or can I get away with one?

Wayne
0
Comment
Question by:allstick
  • 4
  • 4
8 Comments
 
LVL 35

Accepted Solution

by:
Nirmal Sharma earned 525 total points
ID: 14001931
Why not using Filtering option in RAP. This should do the job for you. Double click default Remote Access Policy > Edit Profile > IP Tab > use "IP Packet Filter...From Client and To Client...." In your question you need to use From Client option.

Let us know.
0
 

Author Comment

by:allstick
ID: 14010919
I think this will do the job.  Can you clarify with me on how to use this?  When I click on the from client button it asks be to enter the IP addresses "to the destination" instead of the IP address "from the remote network".  And the button "to client" asks me for the source IP address.  Would not itself be the source since it is the calling server?  Thanks for your help.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 14016194
When it asks you to enter the Network IP Route.....means the packets comming from this network should be dropped. Suppose you have one network 192.168.1.0 So in the Box enter like this:  -

192.168.1.0
255.255.255.0

That's it.

0
Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

 

Author Comment

by:allstick
ID: 14018831
Ok, thanks for the answer.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 14018850
Ok. Are you not satisfied with the answer?
0
 

Author Comment

by:allstick
ID: 14018963
What confuses me is that should I put the WAN's static IP address in that field or the internal's IP address according to your example?  I want to set up a rule based on the WAN's IP address.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 14019293
>>>>What confuses me is that should I put the WAN's static IP address in that field or the internal's IP address according to your example?

Remote Access Policies are used for Authorization and not authentication. So in your question requesting comming from either  LAN adapter will be dropped because when RAP sees filtering and checks the request not to accept or drop packets for the clients then it will not authorize the client.
0
 

Author Comment

by:allstick
ID: 14020124
Ok.  Got it.  Thanks.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Tech giants such as Amazon and Google have sold Alexa and Echo to such an extent that they have become household names. And soon they are expected to be used by commoners in their homes, ordering takeout, picking out a song, answering trivia questio…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question