We help IT Professionals succeed at work.

Connecting two offices

PCtechnix
PCtechnix asked
on
Medium Priority
368 Views
Last Modified: 2010-04-12
I have an SBS Server with Remote Web Workplace all setup. The router has a static I.P address. Everything in this office is working great. The same client has another office and would like to have these pc's connect seamlessly to the existing network. I can get a static i.p for the second office no prob.

My question is, what is my best option for this situation? I could use the vpn connection on each of the pc's but i'd prefer not to do it that way. The two routers are the same. Your help would be much appreciated.
Comment
Watch Question

Commented:
Definitely want to establish an IPSEC tunnel between the two sites using the Routers as end points.  That way the connection between the offices is seamless to the users.

What types of Routers do you have at each office. Are the VPN Compliant?

Commented:
You definitely want to do a site-to-site VPN.  I know you have a SBS box in one office, what about the second office.  I would recommend a 2003 Standard Server that will run AD.  You can add an additional server as a DC but the SBS box has to be the primary with FSMO roles.  Theres a great article on http://smallbizserver.com on how to add a second server to an existing SBS domain.  The reason for the second server would be that should the Internet connection go down at one of the two offices the VPN would drop.  Without the VPN the remote office would not be able to authenticate and access files on the local network.

Author

Commented:
Thanks Guys, I don't think my client would pay for a second server but it may be something we could do at a future date alright. But for now i'd lke to do it by something similar to brugh's approach. The ipsec sounds good. The routers are netopia model 3347NWG. They are also compliant. How do i set this up?
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
You don't need a second server just configure a router-to-router vpn tunnel per Netopia's documentation:
http://www.netopia.com/support/hardware/technotes/CQG_053.html

Jeff
TechSoEasy

Author

Commented:
Thanks, i might have been wrong about whether these routers are VPN compliant as this model doesn't seem to have an IPSEC config. I thought you meant PPTP VPN sorry. It only seems to have ip passthrough,  NAT, Packert Filter, Qos, Static Routers, VLan in the configuration of it.

Would two static routes on both Routers do the trick?
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
What firmware version is it running, because that router should support IPSec.

Jeff
TechSoEasy

Author

Commented:
Software Version is 7.7.0r3 . There is a custom services section whic has IPSEC in it. When i enable it asks what local machine to use (like a server)

Service Name Service Mode Host Device  
IPSec IKE Server PCTECHNIX01
 

 
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
So, that's fine... but did you review the Netopia KB article I linked above for how to configure this?

There would be one additional task needed once you've followed those instructions though.  That's to add a persistent route on the SBS Box by running this command:

route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.2

(although those IP addresses would depend on your actual configuration.  The first one, 192.168.2.0 would be whatever you use for your remote location with a "0" in the last position... ie, x.x.x.0.  The last one is the Internal IP address of your SBS).

Alternatively, you can configure an IPSec Tunnel directly from your SBS to the remote site's router by following the steps outlined in http://support.microsoft.com/kb/816514

Jeff
TechSoEasy

Author

Commented:
Yes, i read the article but there is definitely nothing for IPSEC that is as elaborate as that page on the router i have. This one is shipped with factory settings from the ISP. I disabled IPSEC passthrough as directed from the link you gave me, hoping this would allow me to then add the information but no luck. I think i will give the SBS ipsec a try this afternoon. I'll let you know how i get on. I'd live to know if there are any other options in the meantime. I know i could ask the ISP to link them directly but they charge for this. I'll give this a go, thanks!
Principal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014
Commented:
HUH??  The article is titled "IPSec with IKE (Internet Key Exchange); Router-to-Router"  and it has a visual how-to guide for configuring a VPN Tunnel between two Netopia 3300 Series Routers.  How is that not specific enough?

You can't use the SBS IPSec if you don't find it available on the router though because the other end of that VPN will need to look a lot like the example shown in the Netopia document.


Jeff
TechSoEasy

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
That's my point, the visual is different and so are the options. Here's the router info http://www.netopia.com/support/intl/eircom/firmwareN.html . The model i have does not contain the same layout or menu system.

I'm not sure why i don't have the same options in the config page but i reckon i'll have to buy new routers at trade and start from there.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.