Server 2003 VPN Failover\Redundancy

Is it possible to add another VPN server to my existing enviroment incase of downtime\crash\act of god, to seemlessly allow users the ability to connect.  I am aware that the users connected to VPN1 will be disconnected and in turn have to VPN back into the office. I would Like VPN2, upon failure of VPN1, to begin authenticating new connections immediately.
Is it as simple as adding VPN2 to the FW rule so that specific VPN traffic is directed to it?
Assign some kind of cost to the servers? Something in RRAS?

Enviro: Active Directory 2003
VPN server:  Windows Server 2003 Standard edition, RRAS configured. No other roles installed

Everything is working fine at the moment. Just thinking proactively here. The existing VPN box is a VM sitting on a Vsphere host. I would like to make the second(failover VPN) a Physical server. Possibly Server 2008.

Thanks in advance for your help
fersher1975Asked:
Who is Participating?
 
Justin OwensITIL Problem ManagerCommented:
You can set up two VPN servers with network load balancing.  By doing this, a single IP is assigned to the load and they go back and forth in answering requests.  Additionally, if one of them fails, it automatically falls to the still up server.

http://technet.microsoft.com/en-us/library/cc784697%28WS.10%29.aspx

For a how to not using ISA, you can see here:

http://technet.microsoft.com/en-us/library/cc787524%28WS.10%29.aspx

For a how to using ISA, you can see here:

http://www.isaserver.org/tutorials/Configuring_Fault_Tolerance_and_Load_Balancing_for_Windows_2003_ISA_FirewallVPN_Servers.html

DrUltima
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.