Re: VPN server

Thanks, do I need to install a certificate server? The 5 users connecting
are on XP/Vista. Is PPTP encrypted?


"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:uJa2L9tUHHA.1364@xxxxxxxxxxxxxxxxxxxxxxx

"Gonzo" <no@xxxxxxxx> wrote in message
news:%23CUfuztUHHA.3316@xxxxxxxxxxxxxxxxxxxxxxx
I have installed routing and remote access on my Windows 2003 server, what
do I have to do to get a couple of users to connect from home? I want the
connections to be encrypted, so maybe IPsec.

Well you have to configure the RRAS VPN service (see buiilt-in Help* or
ask more questions but you might wish to switch to, or crosspost, to an
RRAS focused group) on the server.

You have to choose either/both PPTP or L2TP (which uses IPSec) for the
protocols to support. PPTP is easier to setup and the only one natively
supporting legacy (NT/9x) clients but L2TP is more secure. L2TP is
going to require that certificates be available for the IPSec part to
work.

You will need to grant the users remote privileges in their AD properties
(Dial-in tab even though this is VPN) OR there set them to "Control
Access through Policies".

RRAS Policies are required but the default is to allow 24 hour access
(by everyone) so unless you wish to configure this more carefully it can
be largely ignored.

On the client you must create the equivalent (PPTP or L2TP) VPN
connections and possibly install the certificates.

If you have any firewalls external to the RRAS-VPN server you will
also have to configure it for either allowing or perhaps "port mapping"
to the VPN server. (e.g., PPTP uses IP protocol 47 and TCP 1723
and these ports and protocols are covered in the built-in help.*)

* The built-in Help is quite excellent and I suggest you search for the
following terms: [ checklist VPN ]

Maybe adding RRAS also.

Every major component of the OS (and many minor ones) come with
a "checklist" that will get you started and give you a solid basis for
asking specific questions about how to make specific things work.

--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)



.

Relevant Pages

  • Re: Bizzare ISA2004 VPN Issues, Please help
    ... If you use the Server Publish rule to publish an internal PPTP server to the internet, a socket on TCP 1723 port of ISA external ... you could still setup PPTP server on ISA and let it listen on TCP 1723. ... | - I disabled VPN client access from within ISA2004. ...
    (microsoft.public.isa)
  • Re: VPN Problem
    ... connections(for testing purposes), is a member of the domain and had me ... information to the symantec enterprise vpn software, ... before I was able to access the server. ... > Network "browsing" requires a WINS server on the remote network that is ...
    (microsoft.public.windows.server.networking)
  • Re: VPN between office and Home
    ... Hard Drive as my second location backup for my SBS2003. ... On the XP box at home, go to Control Panel -> Network Connections. ... for my second location backup my main server files. ... That is why I want to get a VPN ternnel instead of client VPN or RWW. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Drops every 9 minutes
    ... Her office is running server 2003 for remote access behind a sonicwall ... Is the PPTP server terminated in the Sonicwall or in the Windoze 2003 ... Same thing the vpn drops every 9 minutes. ... "Event Viewer" for clues as to which end initiated the disconnects and ...
    (alt.internet.wireless)
  • Re: Error: cant find _ldap._tcp.dc._msdc.
    ... domain over a VPN? ... The DNS server name as listed in the DNS manager is cda.cdaxxxx.org.uk ... VPN connection to the top of the connections list. ...
    (microsoft.public.windows.server.dns)
Loading