Simple VPN solutions question?

Trying to setup a simple VPN

I have 10 pcs and a 2003 SBS running active directory and file sharing connected to one hub.

I have this hub then connected to a Cisco Pix firewall.  I am trying to setup VPN.

This is the solution I am proposing....

Install a second Network Card in the Server and run the cable straight to the Pix Firewall bypassing the hub.  Assign the new NIC one of the static IP address provided by my ISP and run the Remote Access Wizard for VPN on the 2003 server.

Does this sound like a viable solution?  I have been reading about VPN setups and I haven't seen a setup that uses the main server for the the network also as the VPN server.  Don't know if what I am proposing is secure or the correct way to do it.  Read about some DMZs and stuff.....   Any advice would be greatly appreciated.  Thank you.

Here is a diagram

10 PCs      2003 SBS
 |__________|   |
           |            |
         hub          |
           |______ |
              cisco pix

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

A better solution may be to configure a Network Address Translation or Port Address Translation on the Firewall to the Internal address of the SBS Server.  Where you will have the routing and remote access configured.  This will not require a second network card.  

If you are using SBS Premium you could install a second network card and configure ISA Server for additional security.  In this case you would not connect the hub directly to the firewall but rather connect the hub to the PCs and Server and then using the new interface in the server connect the server directly to the firewall.

Use the firewall policy in both cases to limit the ports which can reach the SBS server.

Alternatively you could use the VPN capabilities in the Pix.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.