VPN between 2 domains

Posted on 2008-06-24
Medium Priority
Last Modified: 2010-04-12
Hi everyone.
I'm fairly new to the whole VPN aspect of networking.  I currently have a domain setup with SBS 2003, and our company is opening a new office.  We will be installing 1 T1 line at the current location (about 25 users with VoIP thru Jive), and 3-4 T1 lines at the new location (about 65 users with VoIP thru Jive).

The current location has a domain setup with a cable modem.  I would like to add the new server to this domain and be able to share resources and be on the same network.  I know VPN is one of the ways to do this.

I do not know where to start.  I've been told to let the ISP handle the VPN tunnel, but that may prove costly.  Any references or steps I can follow? Also, what type of hardware would I need to connect this?

Question by:pjbakhtiar
  • 3
  • 2
LVL 23

Accepted Solution

ormerodrutter earned 2000 total points
ID: 21865769
I think there are 2 issues here - joining domain and VPN.

VPN tunnels can be setup quite easily using decent modem. I recommend you use the same brand for both sites. We use DrayTek 2800 router in all of our sites and it handles VPN management really well. All you need is to get a fixed IP address for your sites and put it in the router.

You mentioned the remote site has a domain setup already. Well it can be an issue because SBS do NOT support domain trust, so sharing resource could be a problem. If thats the case you might need to consider remove the remote domain and join and server to your exist SBS domain.

Hope this helps. Any Qs please come back.

Author Comment

ID: 21866090
For clarification, one site currently has SBS 2003 running as DC.  The new server will have SBS 2003 pre-installed, but doesn't have any roles setup yet.

How would you recommend setting up the new server to be under the current domain?
LVL 23

Expert Comment

ID: 21866271
You can only have ONE SBS server in a domain. Put two in and you will have BIG trouble.

The way I would set this up is, have a W2K3 server ready, join domain and promote to DC (optional) and keep that in the remote site. Users in the remote site will be authenticated by the SBS, or if you promoted the W2K3 server as DC, they will use the W2K3 server for authentication instead.

Is there a reason why you want a SBS in the remote site? It is a new (branch) office so I would consider it as part of your domain.


Author Comment

ID: 21868384
there is no particular reason other than it's easy to setup and maintain.  If the current server that is setup (SBS03) is a DC, then again for clarification, I should setup the new server at the new branch (same company yes) as a W2K3 Standard or better server?

we will have 2 Linksys RV082 routers (one at each location), can i use VPN with them to connect the 2 servers?
LVL 23

Expert Comment

ID: 21870032
I have re-read your question and think I got a mistake as I misread the number of users. SBS only supports upto 75 users, so if your number of user exceed 75 then you must upgrade to a Windows 2003 domain. You need to convert your licences too.


If you google on "migrate or upgrade SBS 2003 to Windows 2003" you should be able to find lots of hits but I think the above two are the best amongst the lots.

So, I would upgrade my SBS domain to Windows 2003 domain first making sure everything is working before putting on a new W2K3 server (member server) for the remote site. Migrating SBS2003 to Windows2003 is not as straigtforward so requires lots of planning. I strongly recommend you do more research and do not rush to doing this.

Regarding the RV082 yes it has its own VPN client to connect remote offices. You will need to connect it to a modem.


Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question