• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 733
  • Last Modified:

SBS 2003 VPN and new address pool

Dear experts,

I have a network based on 192.168.1.x IP range. After I setup VPN ( address pool range 192.168.1.150-200 ) i realized that most of the users use the same IP range at home trying to connect with VPN. Access via VPN  to office network resources is almost impossible.
Is there a way to change IP class and range for all VPN connection from 192.168.1.x to 10.x.x.x.

Thanks,
0
siemian
Asked:
siemian
1 Solution
 
Aland CoonsSystems EngineerCommented:
Yes, if you are also willing to change your LAN IP range.  This is why I prefer a 10.x.x.x range when setting up a company LAN.  If that is not possible I pick an alternate 192.x.x.x range like 192.168.55.x.

I have successfully setup a point-to-point VPN using ranges like 192.168.91.x thru 192.168.96.x with home customer remote VPN connecting from their home networks.

The VPN will work as long as the network portion of the IP address is different.  The network portion is that portion behind the subnet.  So when your subnet (per your example) is 255.255.255.0 then your network address is 192.168.1.0.  You just need to change part of the first three octets.  So an address like 192.168.99.0 would work.

Most home routers are setup with 192.168.0.x or 192.168.1.x.
0
 
Rob WilliamsCommented:
You can change the "Static address pool" range assigned to client machines by opening the RRAS console, right click on server name and choose properties, then under the IP tab choose to use a static address pool rather than DHCP. This will still use DHCP for client machines but it will draw from this pool. The first IP in the range will be assigned to the server.
HOWEVER, this does not solve the problem as the the LAN is still on the same subnet and you cannot have two network segments in a path that are the same. It will allow access to the server, but no other device on the LAN.
Your only option is to change the Corporate LAN. If doing so in an SBS network you MUST use the change server IP wizard located under server management | Internet and e-mail. Once complete re-run the connect to the internet wizard (CEICW). Make sure you do a full backup of the server first. On a few occasions changing the server IP on SBS has been known to corrupt some services. Not using the change server IP wizard will definitely do that.
With SBS do you really need a VPN? Using built-in services available to SBS it is seldom needed and a VPN allows unrestricted access by the remote user including transferring of viruses. RWW, OWA, Sharepoint, and rpc/http are better choices.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now