Solved

Windows Server 2008 SE single NIC card VPN solution

Posted on 2012-03-26
Last Modified: 2012-06-27
I am in need of some clarification of a VPN solution and possibly someone to implement it for me.

My client installs wind turbines for his customers and as you can imagine they are in remote locations away from his clients.

These turbines are supplied with a Cisco router pre-configured on a wired network to the turbine's web server.
CISCO INFO:
LINK: http://www.cisco.com/en/US/products/ps9925/index.html

My client then purchases and connects the Teltonika 3G modem/router to the Cisco router to provide internet access. *Static I.P. address SIMs
TELTONIKA INFO:
LINK: http://www.teltonika.lt/en/pages/view/?id=952

He needs to be able to allow his clients access to the Cisco router that in turn has access to the wind turbine's web server http:// and or https:// address on port 80/443 that has a web site that shows the current activity of the wind turbine.

He also wants to be able to access all the turbines he has installed, while he is on the road and not just from his office.

This would mean three VPN connections to each Cisco router.
1 for my client / 1 for his client / 1 for the turbine supplier.
(the turbine supplier already has a gateway - to - gateway VPN connection to the Cisco router)

This can be done via WiFi from the Teltonika or Directly connecting (wired connection) to back of Cisco router.
*Neither of these is a viable solution, as his clients usually do not live on site, and he requires access while on the road.

Currently he has a Teltonika 3GP modem/router that allows internet access to the Cisco router.

The suppliers of the wind turbine have set-up a gateway - to - gateway VPN connection to the Cisco router that allows access to the wind turbine web site via the Teltonika modem/router.

How I imagined this would work:
A client would connect to the Windows 2008 VPN server (via internet connection) that in turn would assign an I.P. address and route that I.P. address/user to the desired external Cisco router (via RRAS) over the internet.
(connecting to Cisco router via the internet as provided via the Teltonika 3G modem).
Once the VPN is established the client could enter the web address of the remote wind turbine web server in his browser and access the web site of the turbine.

=======================================================================

There are other allowed VPN connection types that are possible on the Cisco router
I.E. Client to gateway / VPN client access / VPN pass through / PPTP server.

We could set-up a direct VPN client access solution for my client and his clients, but was hoping for a more elegant solution.

The server I have purchased is on a 12 month contract so that would have to stay as is.
(1and1 Windows 2008 SE with RRAS, *Unless this is unusable with 1 NIC card)

The Cisco routers are provided and configured by the turbine supplier, so will stay as is but can be configured.


I may have overcomplicated matters by putting the web server in the diagram, if I am correct in thinking that once connected to the remote network (Cisco router) the client would automatically be able to see the web server I.P. address and port 80/443.
VPN.png
Question by:firstnetsupport

Author Comment

by:firstnetsupport
ID: 37770350
Can you give some indication of the IP settings at each stage? i.e.

DHCP/Static/range/Gateway

Accepted Solution

by:
pwindell earned 500 total points
ID: 37771869
The Cisco devices are ALREADY a "router",...so there is no need for the Teltonika's to be doing anything more than acting as a Media Transceiver only (a "modem").

The Cisco Devices would each act as their "own" VPN Device.

The Clients would run a VPN Client (such as the Cisco VPN Client) and would connect individually to each Cisco Device, one at a time. This means they need either Static or Reserved IP#s so that you always know what they will be.

What I see in your diagram with a "VPN Server" does not appear to be physically or technologically possible to me.