Solved

SBS 2003 VPN  and new address pool

Posted on 2010-09-24
2
657 Views
Last Modified: 2012-05-10
Dear experts,

I have a network based on 192.168.1.x IP range. After I setup VPN ( address pool range 192.168.1.150-200 ) i realized that most of the users use the same IP range at home trying to connect with VPN. Access via VPN  to office network resources is almost impossible.
Is there a way to change IP class and range for all VPN connection from 192.168.1.x to 10.x.x.x.

Thanks,
0
Comment
Question by:siemian
2 Comments
 
LVL 12

Accepted Solution

by:
alandc earned 250 total points
Comment Utility
Yes, if you are also willing to change your LAN IP range.  This is why I prefer a 10.x.x.x range when setting up a company LAN.  If that is not possible I pick an alternate 192.x.x.x range like 192.168.55.x.

I have successfully setup a point-to-point VPN using ranges like 192.168.91.x thru 192.168.96.x with home customer remote VPN connecting from their home networks.

The VPN will work as long as the network portion of the IP address is different.  The network portion is that portion behind the subnet.  So when your subnet (per your example) is 255.255.255.0 then your network address is 192.168.1.0.  You just need to change part of the first three octets.  So an address like 192.168.99.0 would work.

Most home routers are setup with 192.168.0.x or 192.168.1.x.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
You can change the "Static address pool" range assigned to client machines by opening the RRAS console, right click on server name and choose properties, then under the IP tab choose to use a static address pool rather than DHCP. This will still use DHCP for client machines but it will draw from this pool. The first IP in the range will be assigned to the server.
HOWEVER, this does not solve the problem as the the LAN is still on the same subnet and you cannot have two network segments in a path that are the same. It will allow access to the server, but no other device on the LAN.
Your only option is to change the Corporate LAN. If doing so in an SBS network you MUST use the change server IP wizard located under server management | Internet and e-mail. Once complete re-run the connect to the internet wizard (CEICW). Make sure you do a full backup of the server first. On a few occasions changing the server IP on SBS has been known to corrupt some services. Not using the change server IP wizard will definitely do that.
With SBS do you really need a VPN? Using built-in services available to SBS it is seldom needed and a VPN allows unrestricted access by the remote user including transferring of viruses. RWW, OWA, Sharepoint, and rpc/http are better choices.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now