multiple VPN logons to server

Posted on 2009-12-26
Medium Priority
Last Modified: 2013-11-05
Does WS2008 support multiple PPTP VPN logons? I know NT does but XP only supports one at a time?

Related question: does WS2008 support IPSec connections directly? In another place I used IPSec connections to a router and got to the LAN from there. I no longer have an IPSec router -- can I establish IPSec connections directly to WS2008.
Question by:Scott Helmers
LVL 71

Accepted Solution

Qlemo earned 2000 total points
ID: 26126794
Windows Server 2008 is a server OS, and hence allows for more than one VPN connection. XP does indeed only allow a single one, as it is a desktop (or client) OS.

Besides the VPN connection, there is a limit of interactive logins, i.e. sessions with a visual Desktop, using the Console or RDP. Desktop OS allows for a single session at a time (but for simultanous inactive sessions - "Fast User Switching"). Server OS allow for at least 2 (admin) RDP sessions in addition to the Console.

W2008 allows for IPSec (it is supported since W2000), but it is not intended to be used for dial-in connections. The purpose is to build an encrypted connection for security-enhanced workstations or servers on a LAN, and is policy-based (GPO). For a always-on connection via Internet, it might be useful. What has changed with W2008 (Vista) is that you can manage per Windows Firewall GUI, previously you had to customize GPOs.
W7 (and I suppose W2008R2) support IPSec connections, based on IKEv2, which is not supported by many VPN software or devices.

For occasional connections I recommend to use PPTP with a good password (which is used for encryption, hence it should not be short and trivial). If the W2008 server is exposed to the Internet, you should not have problems with that configuration. If there is a router in-between, you might have GRE-NAT-issues, and no connection is established.

Another, more secure way as PPTP, to connect is using L2TP/IPSec with a Pre-Shared Key. The encryption is better than with PPTP, and it has less connection problems in conjunction with NAT.
LVL 31

Author Closing Comment

by:Scott Helmers
ID: 31670100
Thanks for all of the useful info. I currently have PPTP working to the XP box via a router with PPTP pass-through. If I decide to move the box to WS2008, I'll probably continue to use PPTP (with strong passwords) based on your comments.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Suggested Courses

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question