EdMacFly
asked on
VPN using Smoothwall, ISA 2006 and Server 2003
I'm attempting to configure my company network to allow our external sales force to connect to our internal server via VPN. I have read various tutorials but am still not sure the best way to do this. The network setup we have here is as below:
EXTERNAL LAPTOP -> {INTERNET} -> SMOOTHWALL -> ISA 2006 -> SERVER 2003
Do I need to configure both the ISA box and the Server to accept VPN connections?
Has anyone got any links to some in depth tutorials for setting up a VPN connection with similar structure to mine?
Should the Smoothwall firewall just forward the connection through? What ports would it need open?
Sorry for all the questions, hope someone can shed some light.
TIA
EXTERNAL LAPTOP -> {INTERNET} -> SMOOTHWALL -> ISA 2006 -> SERVER 2003
Do I need to configure both the ISA box and the Server to accept VPN connections?
Has anyone got any links to some in depth tutorials for setting up a VPN connection with similar structure to mine?
Should the Smoothwall firewall just forward the connection through? What ports would it need open?
Sorry for all the questions, hope someone can shed some light.
TIA
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
nagaraja75
You could consider to use pfsense instead of smoothwall and anyway try to exlude PPTP connection and use IPsec only VPN
ASKER
als315 - the smoothwall box has the external IP assigned to it so all attempted connections will hit that first.
How do I use master for new VPN connections?
Thanks for the replies.
How do I use master for new VPN connections?
Thanks for the replies.
If all necessary ports are forwarded to ISA, go to ISA Management, open server, find Virtual Private Networks (VPN)) and on the right side (Tasks) will be asters with some steps.
ASKER
Managed to get this working but with some outstanding issues that I will leave for another question. My solution was to download an addon that allows for all of the ports mentioned in the first post to be correctly forwarded.