Link to home
Start Free TrialLog in
Avatar of Maggi Soffa
Maggi SoffaFlag for Iceland

asked on

I want to build site to site VPN with Windows servers as routers

I want to build site to site VPN with Windows servers as routers. Is that possible ? I have 6 places to connect togehter.
ASKER CERTIFIED SOLUTION
Avatar of Christian KAZADi
Christian KAZADi
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Maggi Soffa

ASKER

What would be the recomented way to do this ?
Similar to Maggi's comment I do not recommend this.  The better option is to use VPN capable routers. Much easier to set up and maintain, more secure, and easier to manage.

Cisco, Sonicwall, WatchGuard, Juniper, etc. all have equipment which offers this capability.  If price is a concern, probably the Cisco RV042G is the best option at about $200 US, however there are much better  and more secure options available.
What is the current environment where this is contemplated.
Does either side have a static IP.
Usually on the router you would forward port 500/4500 to the server behind to avoid exposing the server entirely to the Internet.

The routers on each will need to be configured for forward remote Lan traffic to the Windows server that will be maintaining the VPN.

There are different ways including using openVPN to setup the site to site VPN....
I have done this repeatedly using the free version of Untangle which includes OpenVPN.  Works solidly.  You can use Untangle on a VM as your router, buy an untangle device, or you can use an old PC with dual network cards.
I would agree with the recommendations to have a separate router/firewall to do the VPN.  Similar to Lee's suggestion, I've been using PFSense software with used i5 PCs, new SSD (small), and a used Intel 4-port card.  Usually runs about $200 for hardware.