Marcusw
asked on
VPN where to start
my company has just taken on an extra sales office in a nearby city with 3 employees in.
now they have decided that they would like them to connect into or network.
i have heard vpn's are the way to go but do not know where to start.
our hq has a sonicwall tz150 with a 5vpn licence i have available 5 static ips.
i have 3 windows server 2003 servers.
1 is a dc,dns,dhcp
2 is exchange 2003
3 is sql server 2000
i need the new office to be able to act asif they are part of the same network, so they can access exchange, sql, documents, run our customer database program etc.
i do not know the difference between the firewall vpn and win 2003 vpn
ideally i don't want to have to have a dedicated machine for this because budget are very tight. however security is paramount
Any help is appreciated
Thanks
now they have decided that they would like them to connect into or network.
i have heard vpn's are the way to go but do not know where to start.
our hq has a sonicwall tz150 with a 5vpn licence i have available 5 static ips.
i have 3 windows server 2003 servers.
1 is a dc,dns,dhcp
2 is exchange 2003
3 is sql server 2000
i need the new office to be able to act asif they are part of the same network, so they can access exchange, sql, documents, run our customer database program etc.
i do not know the difference between the firewall vpn and win 2003 vpn
ideally i don't want to have to have a dedicated machine for this because budget are very tight. however security is paramount
Any help is appreciated
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No, if you use the Sonicwall Global VPN client and the Sonicwall router as the VPN end point, there are no changes required to the servers for the VPN.
However, the Sonicwall may need to assign the client an IP address using DHCP. If so, make sure this does not conflict with the existing DHCP scope/range in the office. Often in the office you might assign something like x.x.x.100 to x.x.x.199 for in office users and allow the VPN router to assign x.x.x.200 to x.x.x.225 for VPN users.
The other concern is software firewalls on the server, such as the Windows Firewall. Once the user is connected to the VPN, they have access to all services the same as a user in the office, but the firewall has the ability to block users by subnet, it may need to be configured, if enabled, to allow the remote users. This is not usually necessary, but if some services are unavailable, keep it in mind.
However, the Sonicwall may need to assign the client an IP address using DHCP. If so, make sure this does not conflict with the existing DHCP scope/range in the office. Often in the office you might assign something like x.x.x.100 to x.x.x.199 for in office users and allow the VPN router to assign x.x.x.200 to x.x.x.225 for VPN users.
The other concern is software firewalls on the server, such as the Windows Firewall. Once the user is connected to the VPN, they have access to all services the same as a user in the office, but the firewall has the ability to block users by subnet, it may need to be configured, if enabled, to allow the remote users. This is not usually necessary, but if some services are unavailable, keep it in mind.
Thanks Marcusw,
--Rob
--Rob
ASKER
just one thing, do i have to do anything to my servers if i go with the router option