VPN - Newbie

Status
Not open for further replies.

exactiv

IS-IT--Management
Aug 13, 2003
17
IE
Hi.

I've read a load of other threads on this subject but nothing seems to match the kind of setup that I have.

My company has two offices in two different cities about 80 miles apart. One is HQ; the other is just a small branch office. We also have staff who work from home on their laptops.

At HQ we have
1x Windows 2003 Server acting as
- Domain Controller
- dhcp server
- file server
- dns server
- print server
10x Windows 2000 client machines
1x switch
1x Wireless broadband connection (3mb) with a static IP
1x 3Com OfficeConnect wireless gateway acting as
- wireless router
- firewall

At the branch office we have
3x Windows XP machines
1x DSL line (2mb) with a static ip
1x Motorola WR850G DSL router acting as
- wireless router
- dhcp server
- firewall

External staff have windows xp laptops and broadband internet connections.

What we need is:
- A permanent secure connection between our two offices to provide access to files located on our server.
- Ability for external staff to connect to our server and access files etc.

Any suggestions would be most appreciated.
 
You need to bring up an IPsec tunnel between the sites using routers, or you could use the Windows 2003 server as a VPN server. Let me know what you would like to do.
 
I would prefer to purchase routers as I'd like to keep my server for file storage etc.

What would you recommend? Would I need to purchase a firewall as well?
 
I would go with Linksys, and this FAQ has served me well.

The Linksys VPN routers BEFVP41 and BEFSX41 are great devices for setting up LAN to LAN VPNs quickly and easily. The VP41 allows up to 70 VPN links, the SX41, 2.

In a static IP environment, setting up the VPN links is straightforward. Go to the VPN tab on the router setup and follow the Linksys instructions on creating the VPN.

For sites with one or both (or multiple) dynamic IP addresses, it is only slightly more complex.

Firstly go to register there (FREE) and (preferably from the site that has a dynamic IP address) create an account name for your dynamic IP address location, for example: companyname.dyndns.org. If you have multiple dynamic IP sites, register one for each of them.

At the Linksys VPN router at the dynamic IP site click on the Advanced tab and select the DDNS tab. Enter the details of your Dyndns account, click Apply and you are set to go. This gives you a Fully Qualified Domain Name which you can use for your VPN. When the IP address of the dynamic location changes, it updates dyndns and there is no (minimal?) interruption in your VPN link.

This is also useful for anything else, for example if you want to run remote desktop or terminal services or a web server.

Thereafter it is a case of creating the VPN tunnels on both routers (REMEMBER to click Apply when you have entered all the details BEFORE you click on Connect!) - at the dynamic IP site router, connect to the static IP address of the other router, at the static address site, use the Dyndns FQDN to resolve the address of the dynamic site.

A very useful tip - make sure you have strong passwords on both routers and then enable remote management. In this way you then have access to the routers from anywhere and you can work on setting up the tunnel on both routers simultaneously. While you are setting it up, you might have to get someone at the dynamic IP site to look at the router's status page to tell you what the then current IP address is, so you can get in there and set up the DDNS.

NOTE: to access the router, use http://IP address OR FQDN:8080; this will give you your remote router's logon (only if remote management is turned on).
 
Excellent. Thanks.

That will sort out the site to site issue.

Any suggestions for setting up remote user access (e.g. someone working on their laptop from home)?

Would the same linksys router do the trick?
 
I would bring up a VPN server using 2000 or 2003 in a DMZ zone off of the router.
 
What sort of security measures would I need to put in place? Would a firewall be enough? Or would I need to alter some settings in windows?

Thanks for all your help by the way :)
 