Re: VPN Setup
From: Todd J Heron (todd_heron_no_spam_at_hotmail.com)
Date: 02/21/05
- Next message: Todd J Heron: "Re: Pagefile size for a domain controller"
- Previous message: Sabo, Eric: "Re: Pagefile size for a domain controller"
- In reply to: Kieran: "VPN Setup"
- Next in thread: Kieran: "Re: VPN Setup"
- Reply: Kieran: "Re: VPN Setup"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 21 Feb 2005 15:05:16 -0500
>"Do i change the IP address of the 'internet' network card to the fixed ip
>address?
No. That is the address of the DSL router. The Ip of the 'internet'
network card should be one off from the DSL router. Consult with your ISP
first but for example if the DSL router is 64.9.149.52, the IP of the
'internet' network card might be 64.9.149.53.
>"Do i changed the 'internet' network card's preferred DNS server to the
>ISP's preferred DNS server?"
No. Internal Active Directory domain clients should be configured to use
only an internal DNS Server hosting the zone name for the Active Directory
domain. This includes your SBS itself on *all* network card interfaces.
The only place ISP DNS servers belongs in the network is under your DNS
server's Forwarders tab, not anywhere in any place on internal domain
clients, to include DNS servers. You'll want to add a forwarders for
internet browsing resolution.
How to add a Forwarder:
1) Open DNS management console snap-in
2) Right-click the server name and select Properties
3) Click the "Forwarders" tab
4) Add your ISPs DNS servers here. As a tip, you may also want to add a
couple others for fault-tolerance. Some suggest using Verizon DNS servers
for this purpose, which are 4.2.2.1 and 4.2.2.2. Note: If these options are
not available, expand the Forward Lookup Zones and delete the "." zone.
HOW TO: Configure DNS for Internet Access in Windows Server 2003:
http://support.microsoft.com/default.aspx?scid=kb;en-us;323380
Best practices for DNS client settings in Windows 2000 Server and in Windows
Server 2003:
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036
>"Do i then run the Internet connection wizard and enter these IP addresses
>in the VPN section?"
No. Don't run ICW of this box. Open up RRAS and run through the wizard
telling it you want to create a VPN and NAT w/firewall enabled on 'internet'
network card if you do not have firewall capabilities on your DSL router.
1) Go to: Start > Programs > Administrative Tools > Routing and Remote
Access.
2) Click on Action > Add Server (which will be your server).
3) Initiate the Routing and Remote Access Setup wizard and tell it you want
to set up a VPN server. Also tell it to enable a basic firewall on the
external interface. The wizard will ask you how to allocate IP addressing
information to VPN clients. You should tell it to allocate a pool from your
DHCP server (which should be located on another machine, avoid using the
built-in RRAS DHCP allocate unless you set this pool as an exclusion range
on your actual DHCP server).
Microsoft Windows Server 2003 Remote Access/VPN Server Role
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/serverroles/remoteaccessserver/default.mspx
-- Todd J Heron, MCSE Windows Server 2003/2000/NT ---------------------------------------------------------------------------- This posting is provided "as is" with no warranties and confers no rights
- Next message: Todd J Heron: "Re: Pagefile size for a domain controller"
- Previous message: Sabo, Eric: "Re: Pagefile size for a domain controller"
- In reply to: Kieran: "VPN Setup"
- Next in thread: Kieran: "Re: VPN Setup"
- Reply: Kieran: "Re: VPN Setup"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
