Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to setup Site-to-site VPN with SBS 2003 R2 Premium

Status
Not open for further replies.
bracph

bracph

MIS
Mar 11, 2008
31
PH
Hi,

I have been trying to setup a Site-to-site VPN that would connect 2 offices and share on the Networks resources and of the SBS 2003 functionality.

For the 1st Office we have the following setup:
2 ISP connected to
1 PePLink 380 Router with IP -- 192.168.1.1/255.255.255.0 (DHCP disabled)
1 Windows 2003 SBS R2 with 2 NIC
NIC 1 IP -- 192.168.1.2/255.255.255.0 connected to PePLink
NIC 2 IP -- 192.168.2.1/255.255.255.0 connected to LAN switch as DHCP Server/AD/Exchange, NO ISA

as for the 2nd Office:
2 ISP connected to
1 PePLink 380 Router with IP -- 192.168.3.1/255.255.255.0 (DHCP enabled) connected to LAN switch

If i can successfully do the connection, i will disable the DHCP of 2nd office and let all the pc from 2nd office get the IP from 1st office.

AS of now, using the Site-to-site VPN configuration of the PePLink, i can connect the 2 router and ping each routers IP, however, I cant ping anything else behind the router.

Any ideas on how i can get pass this issue?
 
Sort by date Sort by votes
Hi,

Your idea for DHCP won't work. This is because if you have all machines on the same subnet then the traffic for the remote office won't make it across the VPN link. It will be assumed that they are on the same physical LAN so the traffic won't be routed down the tunnel. This is also a problem if your VPN link breaks as everyone at the remote office will have nothing at all, not even an Internent connection.

Your problem with pinging anything behind the routers is because you need routing table entries at both ends on all computers so they is a complete path back and forth.

Also this question should really be in the VPN forum.

I hope this helps.

Thanks.


Gavin Moorhouse

Interested in my personal blog?
 
Upvote 0 Downvote
In theory, this should be possible. Now I may have had an underlying problem, but when I tried to do this, I could not get traffic to see clients on BOTH networks. Servers saw each other, but the clients on one network could not see the clients on the other (Network A saw B, B DID NOT see A).

Eventually, I just decided to forget the idea of a Windows Site-to-Site VPN and I purchased a couple of cheap NetGear VPN Firewall devices. They've worked pretty well and I spent $50. And the link stays up even when the server is down. The only downside is that the netgear devices max out at 2.1 Mbits upload... but that's not a problem in this circumstance since one site has a 2Mb upload limit anyway.

-Lee

Those who ask why, learn
 
Upvote 0 Downvote
In my instance, I wasn't concerned about browsing - or even \\servername and \\workstation name - I couldn't PING - which has no reliance on WINS, especially when pinging by IP.

-Lee

Those who ask why, learn
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
514
gbaughma
gbaughma
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
222
DTGMI
DTGMI
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
253
microsGuy16
microsGuy16
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
303
DrB0b
DrB0b
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
131
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top