philliplaw
IS-IT--Management
It has been years since I setup a VPN server. Where I used to work, we had ISA server sitting between the internet and internal network.
Now I am working at a much small business and I am not sure where to start.
We have a business DSL modem with 5 static IP address.
For this example, they are 99.64.xxx.xx1 - 99.64.xxx.xx5
Currently:
The DSL modem is connected directly to the hub stack. All machines on the internal network are 192.168.1.1 - 192.168.1.230
The DSL modem has an internal network address of 192.168.1.254. If I browse to 192.168.1.254 from inside the network, I can get the control panel for the modem. 192.168.1.254 is also the gateway for all machines to get onto the network.
Our server is Windows 2008 SBS sever. The computer has two network cards. One NIC is disabled and the other is connected to the hub stack (192.168.1.1).
Option/Way 1:
Change the internal network address of the modem to 99.64.xxx.xx1. Disconnect the modem from the hubs and connect it directly to the disable NIC in the server. Set the IP address on the disabled NIC to 99.64.xxx.xx2. Configure VPN on the server to use 99.64.xxx.xx2. When connect from outside to the VPN, use 99.64.xxx.xx2. The machines inside the company would need to use 192.168.1.1 as the gateway to get to the internet. The server would act like a multi homed router. Is the correct way to do this? Is this safe since we do not have ISA or Forefont? The server would be exposed to the world through that NIC
Option/Way 2:
Leave the internal modem address set to 192.168.1.254 and leave the modem connected directly to the hub stack. Configure the modem to pass the information through somehow to the non-routable address inside the network. I see a WAN setup area in the modem control panel. They talks about PPP over Ethernet. I have no idea what this is.
Thank you in advance for any help.
Phillip Lawrence
Now I am working at a much small business and I am not sure where to start.
We have a business DSL modem with 5 static IP address.
For this example, they are 99.64.xxx.xx1 - 99.64.xxx.xx5
Currently:
The DSL modem is connected directly to the hub stack. All machines on the internal network are 192.168.1.1 - 192.168.1.230
The DSL modem has an internal network address of 192.168.1.254. If I browse to 192.168.1.254 from inside the network, I can get the control panel for the modem. 192.168.1.254 is also the gateway for all machines to get onto the network.
Our server is Windows 2008 SBS sever. The computer has two network cards. One NIC is disabled and the other is connected to the hub stack (192.168.1.1).
Option/Way 1:
Change the internal network address of the modem to 99.64.xxx.xx1. Disconnect the modem from the hubs and connect it directly to the disable NIC in the server. Set the IP address on the disabled NIC to 99.64.xxx.xx2. Configure VPN on the server to use 99.64.xxx.xx2. When connect from outside to the VPN, use 99.64.xxx.xx2. The machines inside the company would need to use 192.168.1.1 as the gateway to get to the internet. The server would act like a multi homed router. Is the correct way to do this? Is this safe since we do not have ISA or Forefont? The server would be exposed to the world through that NIC
Option/Way 2:
Leave the internal modem address set to 192.168.1.254 and leave the modem connected directly to the hub stack. Configure the modem to pass the information through somehow to the non-routable address inside the network. I see a WAN setup area in the modem control panel. They talks about PPP over Ethernet. I have no idea what this is.
Thank you in advance for any help.
Phillip Lawrence
