Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 519
  • Last Modified:

2 PC's connecting from the same location through VPN to the same W2K3 server

I have a small remote office (2 PC's: PC-A and PC-B) that simultaneously need to connect to the server at the main office. Distance is about 8km ==> over the internet ==> vpn. Now, at the remote office I have Speedtouch 510 modem/router/4-port switch.
When I start up a vpn connection on PC-A to the main office it works fine. At that time I cannot, however, make a connection from PC-B to the main office - and vice versa. But I would really need both PC's to connect to the server at the main office at the same time. Any ideas? Or better still - concrete solutions?

Many thanks.
Bye. Michael.
0
Michael Borchardt
Asked:
Michael Borchardt
1 Solution
 
KCTSCommented:
What you need is a site-to-site VPN.

Practice Lab at setting up site-to-site VPN http://www.microsoft.com/downloads/details.aspx?FamilyID=58a8b58a-5655-4cc1-9d6a-91119b54ae0a&DisplayLang=en
0
 
brasslanCommented:
I'm guessing that at the moment PC-A & B are using a software VPN connection that handles the encryption to the Speedtouch.

I think you should be able to buy another VPN device to be the VPN endpoint for the remote office.  Then there would only be one VPN connection and you could have as many PC's as you want at the remote branch as you want.

The only concrete solution I can add would be to buy a Cisco Pix for both ends, or something from their new ASA line.  You can't go wrong with the versitility of a Cisco.  They will do everything except brew your coffee in the morning. :-)
0
 
LimeSMJCommented:
The Speedtouch 510 does not support multiple VPN passthrough - that would be your problem.  There are a few solutions... usually dependent on how much you want to spend.  

If this branch office is small (you mentioned just 2 PCs) I would suggest buying a simple multi-VPN passthrough device like the D-Link DSL-2540B to replace your current Speedtouch 510.  Should you decide to keep your current DSL modem, you can buy other routers with the multiple VPN passthrough feature that don't have DSL modems built in (more selections to choose from).  Just note, however, should you keep your Speedtouch and buy a non-DSL modem router, you will need to make it a bridge to disable the routing within the device - otherwise you will have problems.

Going to tunnels or buying Cisco PIX devices woulld definitely be overkill for just two users who are connecting to the main office... nevermind the fact that every manufacturer, although they conform to industry VPN standards, often do not play nice.  With that in mind, should you decide to make a tunnel, your existing router/VPN server may have to be reconfigured - for just two users this may or may not be worth the effort.

Good luck.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Rob WilliamsCommented:
You will likely need to go to a site to site VPN.
-In order use a local router that supports multiple VPN pass through connections, the VPN server end would also have to support NAT-T (Network Address Translation -Traversal). Since the advent of XP SP2, NAT-T between Windows 2003 and XP clients is no longer supported (without registry hacks).
-Using a site to site Windows VPN solution would require a server at the remote site, which is complicated and also very pricey.
-A pair of VPN routers such as the Cisco's suggested earlier (Pix units or the newer ASA5500 series) would be the ideal solution, but if there are budget restrictions, a simple pair of Linksys BEFVP41 routers for less than $100 each, would give you the capabilities you require, plus added security over the current configuration, and slightly better performance. If you wanted to add access for mobile users, stepping up to the Linksys RV042 or Netgear FVS318 would give you that added capability, still under $200 each.
0
 
Fatal_ExceptionCommented:
Just a comment..  you only need one Cisco VPN hardware appliance, and the Cisco Client..  you can configure the client for both PCs, one using TCP and one using UDP..  I manage over 50 of these for our remote offices and have no problem creating multiple VPN tunnels through these modems...
0
 
Rob WilliamsCommented:
Slick ! I like that!  :-)
Cheers,
--Rob
0
 
Michael BorchardtInternational IT ManagerAuthor Commented:
Many thanks for all of your helpfull remarks and suggestions.

[1] -- I agree that site-to-site vpn would be an ideal solution. I've talked to managment about this before, but there are budget worries (you see, we're a small social profit organisation - without funds)

[2] -- However, I have a NetGear FVS114 laying around here. From what I read in LimeSMJ's post that could solve the issue I am facing here.
I would configure the Speedtouch 510 to run in Bridged Ethernet mode. Then hook up the FVS114 to the ST510 and have 4 ports available in the FVS114 for PC's to initiate a vpn connection to the server in the main office. Sound right?
I will give that a try this afternoon and let you know.

Many thanks.
Bye. MIchael.
0
 
Michael BorchardtInternational IT ManagerAuthor Commented:
[1] I've set up the ST510 to run in Ethernet bridging mode. The easiest way to do this was to upload a config file, customized to my ISP.
[2] Hooked up the FVS114 as described above
[3] Works like a charm ... ahhh the smell of roses ...

Thank you everyone for your quick and adequate response!

Sincerely,
Bye. Michael.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now