SBS2008 VPN failover.

afurness
afurness used Ask the Experts™
on
Hello, I have an SBS2008 Virtual machine running as a DC, VPN server etc.
This is running as a virtual machine on a 2 node Hyper V R2 cluster (hosts on Server 2008 Enterprise).

Currently I have failover for everything if a physical node fails, but if the virtual OS fails (IE the Node is still up but for some reason the SBS2008 VPN server hangs), I have no VPN failover and am wondering what options I have to have a backup VPN server that will take over if the SBS2008 VPN server hangs (as opposed to the host server hosting the virtual machine.


Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I don't really know how to achieve this with Windows-managed VPNs. Is there another Windows server in the network?
When I have to implement high availability VPNs, I use VPN concentrators with a backup unit that will work as failover. One brand I recommend for this is SonicWALL.

Author

Commented:
Yes there is, I have an additional Windows server 2008 standard separate phydical box actiing as a file server and additional DC.

Author

Commented:
I also have another Virtual server (Server 2008 enterprise) running on the other node in the cluster.
From what I have seen here, it seems to be possible only if you have a cluster.
Anyway, I think that blog is a good place for you to gather some info, at least until someone more experienced with this kind of setup comes along.
I'm curious: has the issue of the SBS hanging (therefore, no VPN) happened much?

Author

Commented:
Thanks for the link, I'll take a look.

I'm thinking of setting up Network load balancing Cluster (and assigning the VPN service to the NLB cluster) between the SBS2008 box and the Server 2008 R2 Enterprise box on the other Hyper V node.

No, the SBS2008 Virtual machine is very stable and I've had no issues with VPN at all, but I just want to set up some sort of VPN failover, just in case the SBS2008 VM fails for some reason in the future.

Greg HejlPrincipal Consultant
Commented:
have you considered windows NLB?

i haven't used it for a vpn application but would be worth testing.

http://blogs.technet.com/b/rrasblog/archive/2009/07/02/configuring-network-load-balancing-nlb-cluster-of-vpn-servers.aspx

Author

Commented:
Hi, thanks guys, you both put me in the right direction.
I think NLB is the way to go. I don't know yet how a Hyper V  Failover cluster will impact on creating a NLB cluster, but from what I've read so far it should work ok.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial