Windows SBS 2003 VPN implementation

I am a VPN newbie.

Here is the setup.

SBS - Hub - Cisco pix - Cisco router - Internet connection

Currently the SBS is used as a file server to the other 15 PCs on the hub.

I want to implement a simple VPN solution.  Probably PPTP with MS-Chap v2.
Is it feasible to put a second NIC in the S.B.S. and connect it directly to the router bypassing the firewall.
Or would this be a big security risk?

Any help would be greatly appreciated.  Thank you.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Juan OcasioApplication DeveloperCommented:
THat is feasible but a Tremendous risk as you would expose yourself directly tothe internet.  YOu definietly need to have a firewall in from of all connections to the internet.  Is your Cisco router managed by your ISP?  If so is it acting as a firewall or are all ports wide open?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
paulmmaloneAuthor Commented:
Thanks for the quick response.  I really appreciate the help.
I have to go through a Cisco Pix 500 series Firewall and then to a Cisco Router then to the internet

So then I guess I should make sure TCP port 1723 and GRE protocol 47 are open through both the firewall and the router.

So you think putting a Second nic in my SBS and hocking that up the firewall and making sure those ports are open would work?

Thanks again.
Juan OcasioApplication DeveloperCommented:
Yes.  You should add another NIC card to your Server hook that up to the Cisco PIX and the other NIC of course is hooked up to your internal network.  Then all you should have to do is open up the ports and then set up routing and remote access to allow VPN connections.

Check out this site for more info.



Good Luck! and post a reply if you get stumped
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.