[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Setting up VPN - access to a remote corporate server

Posted on 2006-05-14
Medium Priority
Last Modified: 2010-03-19
Hello Experts,

I have recently joined a new company and have been asked to identify "opportunities for improvement".  This company has five manufacturing plants, a sales office in Michigan, and an office in the UK.  The first thing that "sent me into shock" was that none of these facilities are able to access any shared or central server so that the sites can review data and collaborate in real time.

On my wish list is to set up "vpn" access to a central server so these sites can share work product or access shared documents (pdf format).  In my 2 week honey moon, I have reason to question the quality and knowledge of the IT staff.  

Although the main facility does have XP server, they have the network set up as a workgroup rather than a domain.  Additionally, they use static IP's.............

My question is, what is the first step in making this happen?  

I am being told that due to the static IP scheme, they (IT) can not set up remote access to the server - although I am an engineer by profession, I do know enough to quesiton and detemine if I am being fed a load of crap.  In this instance, I am not sure as my IT knowledge is mostly limted to client machines, hardware, and home networking.  This is my first dive into corporate IT infrastruture.

Thanks in advance, I know one of the wizards here will point me down the right path.


Question by:skacines
  • 3
LVL 78

Expert Comment

by:Rob Williams
ID: 16679255
You mention they have XP server??? I assume Windows 2003 server?
Setting up a VPN between sites can be done quite easily if you have 2000 or 2003 server in place. Below are the very simple walk though instructions. As for DHCP, it is common to use it with VPN's, but by no means necessary. You can enable it on the server and still leave your static IP's in place, so long as you do not have 2 DHCP servers on the same domain, such as a DHCP server and  a router issuing DHCP.
2000 server VPN
2003 server VPN
XP VPN client
You will also have to set up port forwarding for the router at the server site. Port 1723 must be forwarded to the server on the router and PPTP pass-through enabled to allow GRE traffic to pass. Good instructions can be fount at the following site. Click on the link for your router and then the link for Point to Point Tunneling Protocol:

It is also possible to set up a server to server VPN for each site. However, the way you really should consider doing this is ignoring all of the above and buying a VPN router for each site. They can cost thousands of dollars but the Linksys RV042 for about $200 US would probably do nicely for your situation. With the router, the tunnel is always "up", and all devices on each site can easily communicate bi-directionally.
LVL 12

Expert Comment

ID: 16679458
Before you go for the VPN, you need to know the network address of all the 3 sites.

no 2 sites must have same network address.
As RobWill said the best way is using a VPN Router. However all the Sites have routers to connect to internet. These days most of the routers come with Site-to-Site VPN capability.
Your Current router Model numbers would be helpful

LVL 78

Accepted Solution

Rob Williams earned 500 total points
ID: 16931349
skacines, did you find this information useful?
LVL 78

Expert Comment

by:Rob Williams
ID: 16965956
Thanks skacines,

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question