Solved

Setting up a VPN in Server 2008 using two NICs

Posted on 2011-09-13
21
557 Views
Last Modified: 2012-05-12
What is the best way to setup a VPN in Server 2008 using two network cards? Is there a step-by-step guide available for this configuration?
0
Comment
Question by:NWILSON4
  • 11
  • 7
  • 3
21 Comments
 
LVL 15

Expert Comment

by:The_Warlock
Comment Utility
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
I've looked at the article, but it doesn't really give me a step-by-step install guide. Thank you though.
0
 
LVL 5

Accepted Solution

by:
ErikCamacho earned 500 total points
Comment Utility
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
Thank you Erik. That's the kind of article I was looking for. I will try this tonight and post my reply asap.
0
 
LVL 5

Expert Comment

by:ErikCamacho
Comment Utility
Your welcome
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
I setup everything according to the support article; however, I am not able to connect from any computer outside of the network. I am able to connect to the VPN from the local area network, but not externally. I am using a Linksys router and I do have port 1723 forwarding to the 2008 Server, as well as PPTP passthrough enabled. Any suggestions?
0
 
LVL 15

Expert Comment

by:The_Warlock
Comment Utility
What is the lan side address of the PC you are attempting to connect to? Is the remote PC attempting to connect to it have an Ip address on the same subnet? If so, that has to be changed since the Linksys will think its a connection coming from the local lan and cannot find said device.
0
 
LVL 15

Expert Comment

by:The_Warlock
Comment Utility
Other than that, it may be a simple NAT issue. Let us know.
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
The 2008 Server is on a 192.168.1.1 network, and the remote computer is on a 192.168.2.1 network. I made sure to make them different before I setup the VPN. Thanks
0
 
LVL 15

Expert Comment

by:The_Warlock
Comment Utility
Can you post the exact model of your Linksys and the current firmware version for us please? Thanks in advance.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
Sure. The Linksys Router is a Wireless-G Broadband Router with SpeedBooster   WRT54GS
Firmware Version: v1.52.8  
0
 
LVL 15

Expert Comment

by:The_Warlock
Comment Utility
Is the local server using a firewall? Have you either disabled it or placed an exception in the rules for it? Otherwise, follow the link below and verify your settings.

http://www6.nohold.net/Cisco2/ukp.aspx?pid=96&vw=1&articleid=4594

Hope this helps.
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
I have disabled the firewall, and made sure that the exception is in place. Neither has resolved the issue. Also, the Linksys router does not have a VPN Tunnel option, only passthrough selections, which are all enabled. What else could be blocking an outside connection? As I said before, LAN connections to the VPN work just fine. It's the outside connections that aren't working.
0
 
LVL 15

Expert Comment

by:The_Warlock
Comment Utility
I would first update your firmware on the linksys. This should allow for more options for tunneling(however, I caution this as you will need the model and exact version number of you router which can be found on the underside of the device and if you choose to do so, please do it from a PC that has a WIRED connection and not wireless). Secondly, ensure both ends are using the same encryption settings and they are attempting to access this server using your ACTUAL wan Ip address.
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
Ok. I am not onsite right now, so I can't check for the exact hardware version of the router. Where can I check the encryption settings? And I think it could be a problem with NAT. Where can I make sure that the VPN pool is excluded from NAT rules?
0
 
LVL 15

Expert Comment

by:The_Warlock
Comment Utility
After doing some further research on this(and your given firmware version) if you are using a v5 or 6 device you may be out of luck as there seems to be a bug when using PPTP. After you check your model/version of your device and compare your current firmware with the one currently available for download from:
http://homesupport.cisco.com/en-us/support/routers/WRT54GS/download

if they are the same then you are stuck with this bug in the code. There seems to be an issue with v5 > on those devices and the firmware available. As an alternative you can go and review open source codes available to achieve your intended use without having to purchase another router at:
http://www.dd-wrt.com
I've heard nothing but great reviews but its only a suggestion. You are advised to do so by your own choice as this voids any Linksys device warranty if one actually still exists. Just a suggestion.
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
I checked the hardware version of the Linksys WRT54GS router, and it's version 6. We are already running the latest firmware version 1.52.8. I plan on installing another Linksys router, version WRT54G, to see if I can get the VPN working through that one. I'll keep you posted on my results.
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
Sorry for the delayed reply. I am installing the other router early next week. I was not able to take down the Internet connection for their office. One thing though: Is there anything I should be checking on the Client side to make sure that everything is setup properly to connect to the VPN? I am using Windows XP and Windows 7 built-in VPN connection client to make the connection.
0
 
LVL 5

Expert Comment

by:ErikCamacho
Comment Utility
Do you have a dmz option on your router to put your server on?
It may allow to to get past the pptp issues
0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
I put the Server on the DMZ, but I was still not able to make the VPN connection to Server 2008. I receive an error 800 on the client side. Is something not setup right on the Server now?

I followed the article that you sent at first:

http://www.thomasmaurer.ch/2010/10/how-to-install-vpn-on-windows-server-2008-r2/

One question though. What do they mean by this in the article?
Add secondary IP Address to the Server network interface which is in the same subnet as this pool.

0
 
LVL 1

Author Comment

by:NWILSON4
Comment Utility
OK. So I was able to make a VPN connection to the 2008 Server (I had to make sure that the encryption settings matched between the Server and the client side). Thank you for all of the help.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now