?
Solved

How to setup VPN on Windows Server 2003 which acts as a Doman Controller?

Posted on 2011-05-10
3
Medium Priority
?
355 Views
Last Modified: 2012-05-11
I previously setup a VPN on my Windows Server 2003 which acts as a Domain Controller and had some security issues, see Previous Question

Is there a secure way to setup a VPN on my Windows box or do I need to figure out another way to setup a VPN?
0
Comment
Question by:GreyHippo
3 Comments
 
LVL 9

Accepted Solution

by:
rsoly777 earned 2000 total points
ID: 35731161
There can be some serious Security Implications with setting up VPN access straight to the Domain Controller. Your best be is to either set up another box and configure it as a VPN gateway or purchase a Hardware solution to handle the VPN negotiation. This is the safest way to do this.
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 35731388
I agree with rsoly777 in that you'd be better off using a VPN capable firewall.

However, if you would like to do without then this article gives good info on what ports to open or forward: http://blogs.technet.com/b/rrasblog/archive/2007/06/13/ports-affecting-the-vpn-connectivity.aspx
0
 
LVL 4

Expert Comment

by:jason_0573
ID: 35731390
This is a complicated task. Essentially you need to set up RRAS (Routing and Remote Access Server) in the network and decide if you want the server in a DMZ zone ahead of your firewall or behind it. If behind it, ports need to be opened on your router/firewall to allow PPTP (Point to Point Protocol) Traffic or L2TP (Layer 2 Tunneling Protocol), which is more secure and requires certificates. The server acts like a router itself.  More information on this can be found in MS KB323441  - http://support.microsoft.com/kb/323441
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question