Need VPN Suggestions

[WannaFly]

I am looking to allow about 7 users have a VPN connection to our office.

They need to be able to browse the network and get files off of their computers just like a LAN. I believe VPN is the right solution for this.

I have read and gone through setting up a VPN server win windows 2000 server. My question is is that the recommended way, or is using hardware like the linksys BEFVP41 a better choice? Also, on 2000 server is it really as easy as it seemed? Any suggestions would be great. Thanks!

 

[AlexIT]

Dougpci,

I dislike the server-based VPN solution. I have set this up several times and I usually recommend replacing this as soon as I am done. This loads the server pretty hard, and in most cases you have to have an internet router or firewall device anyway so buy one that hosts the VPN connections.
If you must use this, set the router to forward ports to your server and then set the server as a RRAS VPN server. Follow the M$ technet you listed and watch out for the number of VPN connections that are created automatically (it makes PPTP and L2TP both, you only want PPTP.) Then the users can be configured at the AD server to allow remote access and they should be able to log in remotely to the server. (NOTE: This DOES NOT eliminate the domain browsing issued discussed above, you must have an LMHOSTS file to preload the network ip/names for each client PC --> "PTPP is designed as secure client server connections. This should be referred to as ELAN because this is Extended Local Area Networking, you will not be able to browse the network (EVER) using PTPP VPN. That traffic is not permitted under the M$ standards.&quot

Alex

 

[WannaFly]

alex, thanks for the informative posts!

I have setup the VPN, using a netopia r910 router as the VPN "server". I am using PPTP (with MMPE, but i might disable it, seems REALLY slow). And then i madea shortcut to the server "192.168.1.1" and then it just asks for their usual login name/pass. I couldnt find where to tell it to remember the pass for that. The VPN doesnt connect automatically, i made a shortcut on the desktops.

it seems to work pretty well, i am just worried about speed, each connection is on cable, and it took about 7sec to open a 185K file. I am going to disblae MPPE and see if that speeds it up, i have read that that takes a 40% overhead of the bandwidth.

Regarding the LMhosts, the other viable option would be to setup a WINS server and have the DHCP server give clients the IP of the wins, correct? I havent done that in this case because the remote clients only need info off of the server that has a static IP.

Thanks!

 

[AlexIT]

Wannafly,

I am glad that your system is running. I have not used MMPE with my installations because of the speed issue (the manual warns this makes it slow, so I never enabled this...)

Yes, I suppose you could try a WINS server solution. I have this immense dislike of WINS and I wish there was someone you could hit at M$ for ever birthing that thing. (Just put the guy out front, and I'll come punch his nose.) I was overjoyed when they became compatible with the remainder of the planet and began using DNS as the primary name resolution system (since Win2k.)

But, you could set up a WINS server