Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setting up a VPN for external users

Status
Not open for further replies.

burnzdog

Technical User
Nov 18, 2004
20
US
Hello all

We currently have a VPN in place which i think needs updating. At the moment external clients connect by establishing a WAN connection, then there machines Host file is updated with the IP addresses of various servers. We then install an agent that contains the firewall security policy..... It seems a very complicated way of obtaining a connection to me.

What i would like to do is: set up a VPN server that authenticates the user with there domain account, so that the only config needed is a windows vpn connection that simply contains the address of the server.

But i need help in doing this..... can anyone point me in the right direction?
 
What resources do you have available in the way of Windows servers? What do you intend to use for a VPN server?
 
Well i will hopefully be able to have a server 2003 server that i can use, i want to try and recreate what we had at my last work place. My understanding of this was that it had 2 nics one had a static external address the other was a internal nic. The clients VPN connection would arrive at the server then use CHAP to somehow authenticate the domain user account.

Im sorry this is a little vague.
 
You could use a number of newer products, such as Sonicwall SSL-VPN- 200 or 2000. they allow for clientless connections, browser based. They can use Active Directory authentication and one less server to maintain. we are using one and it does the job. There are a number of brands that do the same thing and the pricing is around $400 and up depending on number of users expected (the ssl-vpn 200 is unlimted, but the usage saps th ionternal compnents over 5 or so people)
 
The 2003 server setup is fairly simple. You have the hardware setup right. See
The SSL VPN boxes available from various vendors sound nice, but do you really want security with a web browser in the middle?

The MS VPN client integrates well into a Windows environment and cost the same as the SSL solution. You would have a bit more in the server, but you should be able to support many more clients on one box and integrate fully with your network.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top