• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 337
  • Last Modified:

vpn remote office into SBS2003 server

I have a main office with 12 users on a SBS2003 network.  The SBS2003 server acts as my router/firewall as well.  I have VPN setup on the machine and RRAS and i can VPN to it fine after configuring the windows xp vpn utility.  I am adding a remote office with 3 computers that i also want to be on the same domain so i can use file sharing, exchange mail, user accunts, and have all the printers accessible wherever.  Is there a way i can either have the machines make a VPN connection everytime they turn on to the SBS2003 server or somehow make my hardware router at the remote office make the VPN connection for me?  I have a befsx41 right now, but would also be willing to get another router if needed.  Please submit any ideas you have for my situation.  I do not want to mess with a hardware router at the main office.  I just want to get the three machines up at the remote office so i can use it just like im inside the other office.  Thanks for all your time who read my post.
0
danej256
Asked:
danej256
  • 2
  • 2
2 Solutions
 
Jay_Jay70Commented:
Hi danej256,

hardware VPN between routers is a much better solution, then it is a permanent link......

http://computer.howstuffworks.com/vpn3.htm

you will have to alter your head office router and make sure it supports VPN - have a skim throught the the guide that came with it

0
 
-Garren-Commented:
Hi Danej256

In my humble opinion, having your main server run as a firewall is quite risky. Yes, I know it can and does work for your but... IF a vulnerability were to be discovered before it is patched, your company jewels would be left unprotected. I would advise a true firewall of some kind.

We use a PIX515 firewall but for your main office I would suggest a PIX 501. It supports 10 concurrent connections so it can handle the load easily and it provides great protection. You can also set it up for RADIUS where you defer remote VPN login to your domain server.

On our network remote office, I installed a PIX 501 firewall that I set up to auto-build a VPN between our campus PIX. The systems at the remote office sit on a private network and are secured from the open net by the PIX. The 501 only ran a few (~$400) dollars. I also configured the 501 to split-tunnel so only the traffic headed to the main campus goes through the tunnel. It was quite easy but if needed, a Cisco engineer can help you set it up rather quickly.

So for about $800+ you can protect both your offices, provide automatic VPN tunnels and browse seamlessly across your network.
0
 
danej256Author Commented:
I understand what you mean exactly.  Let me go into more detail of my situation.  I was just asking this question in general without going into further detail, but it may be beneficial to explain my situation in full detail.  We have many remote offices, and right now all of them are connected to each other via frame relay.  We have a T1 line at our corporate office where i redirect the static ip address ports i need to the remote sites if i need external access to them.  So the server at the office i described as our main (isnt really main) just does a small part of what our other offices do.  I am only forwarding a small number of ports to the server at this office (3389, 21, VPN).  I want to setup my home to fully work inside the network of this office as if i were there at the remote site.  So i was actually more looking for a procedure i could setup on the workstation to automatically connect it to the vpn before it logs on so the startup script would still run.  Then once i am in it is like i am still inside the network.  I have a cisco 2620xm router at the corporate office and a cisco 1721 at the remote site i want to connect too.  What i am afraid i may have to do to get this to work is get a new main router that supports VPN connections, i am not too familair with all the ability out there that is at a reasonable cost.  But i would be willing to purchase something if necessary.
0
 
-Garren-Commented:
So you want your Home XP workstation to Auto-connect a VPN tunnel to your remote office prior to you logging on right? I believe the 501 will provide that for you. Your VPN tunnel would remain up at all times providing you access to your network. My remote office systems work similarly and the scripts run just like they were sitting in the main office. We even integrate systems into the domain across that same link. I think the 501 would work when connected directly to a Win2k3 server.
0
 
danej256Author Commented:
do you have any info on the pix501 to configure it to connect to pptp or another way?
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now