• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 905
  • Last Modified:

How to configure SBS 2008 with dual VPN router-to-router


I have a customer with 3 locations:
- MAIN location, with VPN router server, IP + SBS 2008 with DHCP on SBS server
- STORE location, with VPN client router, IP, DHCP on router
- SHOP location, with VPN client router, IP, DHCP on router

Now, both STORE and SHOP locations connect to MAIN office via VPN IPSec, where routers are configured - MAIN is "VPN SERVER", STORE and SHOP are "VPN CLIENTS".
SBS 2008 server R2 is located at MAIN location, serving 4 local clients.

VPN works fine, connection is stable, approx. 40-45 ms PING in idle, 2 Mbps/512 ADSL speed.

The PROBLEM is that I want to join 2 client computers at STORE and SHOP location into main SBS domain, but I am wondering what to do with IP settings:
- if I configure the same subnet 192.168.0.x at all 3 locations, then VPN would not work stable
- but if I leave as is, meaning each location has its own IP subnet, VPN is stable, but HOW TO CONFIGURE SBS 2008 server to allow joining computer from another subnet?
Andrej Pirman
Andrej Pirman
  • 3
2 Solutions
You shouldn't configure all machines in the same subnet, that will not work at all.

What I suggest you do is configure the store and shop clients to use the Main location SBS as the DNS servers. The DNS servers hold information regarding domain configuration. And then attempt to add them to domain.
DHCP -  configure DNS server = IP address of SBS server.

All clients must point to SBS for DNS (and no where else)...  SBS server should be configured to resolve internet requests on behalf of the clients.

yes it should use the isp dns as forwarders.
Andrej PirmanAuthor Commented:
Thank you for comments.

As I understand, I need to modify DHCP on SBS to deliver IP addresses not only in its own IP subnet (, but also on 2 additional subnets:

...which also means that I need to add those IP subnets to SBS box, so SBS will have these static IPs:
- (this is SBS IP now)

Also, I need to stop DHCP servers on both VPN client routers, and configure DHCP forwarders instead, which both point to SBS DHCP.

All these changes I need to config manually.

Is this correct?

...or should I only configure DHCP in VPN client routers to use SBS's IP as primary DNS?
No,  you should leave the SBS dhcp alone.

You should however configure the DHCP on the Client router to give out the DNS settings to the clients as the IP of the SBS or you can also try configuring the SBS IP as DNS forwarder on the Client routers.  

...or should I only configure DHCP in VPN client routers to use SBS's IP as primary DNS?  - That is one of the options
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now