• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 353
  • Last Modified:

Connecting two offices

I have an SBS Server with Remote Web Workplace all setup. The router has a static I.P address. Everything in this office is working great. The same client has another office and would like to have these pc's connect seamlessly to the existing network. I can get a static i.p for the second office no prob.

My question is, what is my best option for this situation? I could use the vpn connection on each of the pc's but i'd prefer not to do it that way. The two routers are the same. Your help would be much appreciated.
0
PCtechnix
Asked:
PCtechnix
1 Solution
 
BrughCommented:
Definitely want to establish an IPSEC tunnel between the two sites using the Routers as end points.  That way the connection between the offices is seamless to the users.

What types of Routers do you have at each office. Are the VPN Compliant?

0
 
bluetabCommented:
You definitely want to do a site-to-site VPN.  I know you have a SBS box in one office, what about the second office.  I would recommend a 2003 Standard Server that will run AD.  You can add an additional server as a DC but the SBS box has to be the primary with FSMO roles.  Theres a great article on http://smallbizserver.com on how to add a second server to an existing SBS domain.  The reason for the second server would be that should the Internet connection go down at one of the two offices the VPN would drop.  Without the VPN the remote office would not be able to authenticate and access files on the local network.

0
 
PCtechnixAuthor Commented:
Thanks Guys, I don't think my client would pay for a second server but it may be something we could do at a future date alright. But for now i'd lke to do it by something similar to brugh's approach. The ipsec sounds good. The routers are netopia model 3347NWG. They are also compliant. How do i set this up?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You don't need a second server just configure a router-to-router vpn tunnel per Netopia's documentation:
http://www.netopia.com/support/hardware/technotes/CQG_053.html

Jeff
TechSoEasy
0
 
PCtechnixAuthor Commented:
Thanks, i might have been wrong about whether these routers are VPN compliant as this model doesn't seem to have an IPSEC config. I thought you meant PPTP VPN sorry. It only seems to have ip passthrough,  NAT, Packert Filter, Qos, Static Routers, VLan in the configuration of it.

Would two static routes on both Routers do the trick?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
What firmware version is it running, because that router should support IPSec.

Jeff
TechSoEasy
0
 
PCtechnixAuthor Commented:
Software Version is 7.7.0r3 . There is a custom services section whic has IPSEC in it. When i enable it asks what local machine to use (like a server)

Service Name Service Mode Host Device  
IPSec IKE Server PCTECHNIX01
 

 
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
So, that's fine... but did you review the Netopia KB article I linked above for how to configure this?

There would be one additional task needed once you've followed those instructions though.  That's to add a persistent route on the SBS Box by running this command:

route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.2

(although those IP addresses would depend on your actual configuration.  The first one, 192.168.2.0 would be whatever you use for your remote location with a "0" in the last position... ie, x.x.x.0.  The last one is the Internal IP address of your SBS).

Alternatively, you can configure an IPSec Tunnel directly from your SBS to the remote site's router by following the steps outlined in http://support.microsoft.com/kb/816514

Jeff
TechSoEasy
0
 
PCtechnixAuthor Commented:
Yes, i read the article but there is definitely nothing for IPSEC that is as elaborate as that page on the router i have. This one is shipped with factory settings from the ISP. I disabled IPSEC passthrough as directed from the link you gave me, hoping this would allow me to then add the information but no luck. I think i will give the SBS ipsec a try this afternoon. I'll let you know how i get on. I'd live to know if there are any other options in the meantime. I know i could ask the ISP to link them directly but they charge for this. I'll give this a go, thanks!
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
HUH??  The article is titled "IPSec with IKE (Internet Key Exchange); Router-to-Router"  and it has a visual how-to guide for configuring a VPN Tunnel between two Netopia 3300 Series Routers.  How is that not specific enough?

You can't use the SBS IPSec if you don't find it available on the router though because the other end of that VPN will need to look a lot like the example shown in the Netopia document.


Jeff
TechSoEasy
0
 
PCtechnixAuthor Commented:
That's my point, the visual is different and so are the options. Here's the router info http://www.netopia.com/support/intl/eircom/firmwareN.html . The model i have does not contain the same layout or menu system.

I'm not sure why i don't have the same options in the config page but i reckon i'll have to buy new routers at trade and start from there.
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now