Re: Connection sharing on demand

I think you could do it with a second computer.

1) Put the ICS box (private side) on a different subnet than the LAN - ICS
defaults to 192.168.0.1, but you can change it without problems.
2) Put a Windows 2000 box with a NIC on each subnet (one on the LAN subnet
and the other on the ICS box's subnet.
3) Set up the W2K box to accept VPN connections. The default client setup is
to use the default gateway on the remote network I believe - but double
check that.
4) Create accounts on the VPN server for users you want to have Internet
access. I believe W2K allow either 5 or 10 Simultaneous VPN connections, but
check me on that, too. If you need more, you'll need a Server OS or a Linux
solution or something (check out Cyberguard's free PPTP VPN Server for
Linux). You could also use the VPN server box to hand out DHCP addresses on
the local LAN if you use a server OS or Linux.

When users start their computers, they'll get a DHCP address. When they need
Internet access they'll start the VPN (desktop shortcut). They'll need to
enter their username/password to connect. They'll use the default gateway on
the remote network (which would be the ICS box) to connect to the Internet.
Be sure to use a static pool for VPN connections and supply a default
gateway.

Should work!

....kurt

"Luiz Borges" <luiz_borges@xxxxxxx> wrote in message
news:1144515871.684711.241340@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I have a network in my office with about 20 desktops running XP Pro and
some of them running Win98, they all have internet connection through
ICS on an old PC running Win98.

Now, I need a way to restrict the internet connection without restring
LAN access, so I'm thinking in make that old PC run Win2000 (as I don't
think Win98 will handle what I need) to run a DHCP server to provide
basic LAN connectivity, AND providing some sort of dial-up-like
connection to internet. So any user who have a logon to connect on the
internet can sit in any of the terminals and just dial-in to get
connected.

I think that can be done with some sort of "reversed" VPN (you connect
to get out, and not in), but that seems kind lame. Maybe NAT is the
answer, but I have no idea on how to implement that.

How can that be done?

Thanks in advance,
Luiz Borges



.

Relevant Pages

  • RE: Missing web services configuration pane
    ... Please contact the ISP to confirm what the exact connection type is. ... If it's a VPN type, you should have the VPN server side address. ... 825763 How to configure Internet access in Windows Small Business Server ... 241252 VPN Tunnels - PPTP Protocol Packet Description and Use ...
    (microsoft.public.windows.server.sbs)
  • Re: Setting up Windows VPN
    ... successfully use VPN connection within the home network. ... >> Thanks if anyone can help me to set up a home VPN network trough Internet ... The desktop is connected to LAN port, ...
    (microsoft.public.isa.vpn)
  • Re: ISA2004 kills VPN outbound
    ... I have the same problem connecting to several different VPN servers. ... > it use a hardware router or a windows-based computer to be its VPN Server? ... > connection will fail in some cases when a hardware firewall resides in the ... > |> FW client and configure the client as a SecureNAT client. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Error 800 - Again
    ... Did you run the Configure Remote Access wizard after the Internet ... connection manager. ... Setup a vanilla VPN connection in Network Connections. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN client problems
    ... because my VPN client access will only be for short periods of time and I can do without Internet access during those times. ... This evidently is keeping me from Adding a Network Place for my connection. ... I set up a VPN client to another machine using its IP address with the correct username and password. ...
    (microsoft.public.win2000.networking)