Re: Setting up site-to-site VPN using SBS2000
From: Bill Grant (not.available_at_online)
Date: 10/22/04
- Previous message: William Cooper: "Re post Do not use dail up connection"
- In reply to: Brinkie: "Setting up site-to-site VPN using SBS2000"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 22 Oct 2004 10:20:38 +1000
Although it is possible to set up a site-to-site link between two Windows
servers, I would not recommend doing this between domain contollers,
especially in your case of where the sbs server is the primary server of
your forest/domain.
Using this server as a router is usually more trouble than it is worth.
It really causes all sorts of problems having the first DC in a
forest/domain multihomed.
Have you looked at using hardware routers to do the job? They are
getting cheaper and more versatile. You don't really want your DCs handling
this.
"Brinkie" <microsoft@brink.123.nl> wrote in message
news:%23ll6p%232tEHA.2808@TK2MSFTNGP14.phx.gbl...
> Hi,
>
> After wandering around the web for days, I turn myself to you with my VPN
> problem.
>
> I need to setup a perminent VPN connection between headoffice and a remote
> site (hosting location).
>
> Currently I have a SBS2000 machine at the headoffice running Active
> Directory. This SBS2000 machine is behind a firewall, but already accepts
> home users VPN settions requested for the headquarters LAN. This is
> configured in the firewall and up and running. On the remote site we
> currently have several W2k machines running as member servers in a
> workgroup.
>
> I want all machines on the remote site to be reachable as if they are
> situated in the LAN of the headoffice by people working at the headoffice
> or home workers (who have dialed in through vpn). People need to be able
> to access remote shares, open terminal service sessions and browse
> websites.
>
> My idea is to setup a perminent VPN session (or on demand) between the two
> sites (site-to-site) and to install a second Domain Controller at the
> remote location so user authorization at the remote site can be managed by
> the global Active Directory as well. This remote Domain Controller is also
> supposed to control the VPN session to the headoffice.
>
> My questions: Am I thinking in the right direction? What would be the
> easiest way to accomplish this? What do I need to setup at the headoffice
> and what at the remote location?
>
> An example implementation would be highly appreciated!
>
> Thanks in advance,
> Brinkie
>
>
- Previous message: William Cooper: "Re post Do not use dail up connection"
- In reply to: Brinkie: "Setting up site-to-site VPN using SBS2000"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
