Re: VPN (PPTP), DHCP??, Help!!!

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hi, I can give you a starting point and a recomemdation...
1. If you have actual static IP's (as do I) you need a REAL FIREWALL. you
can buy them fairly inexpensively. I have used netscreen boxes before,
http://www.juniper.net/products/integrated/

I have also heard good things about Fortinet boxes...
http://www.fortinet.com/products/

If you have a static IP, you have an open window to the worlrd. If you want
real paranioia, load Zone-Alarm!.

I have heard that the cisco PIX series is OK, but they have limitations.
Also what you can buy at a superstore for $50 may allow you to set up VPN's,
but they don't do Stateful Packet Inspection. .....Again, how exposed do you
want to be????

Next, HIRE SOMEONE WHO KNOWS ABOUT SECURITY TO CONFIGURE YOUR FIREWALLS
(thats right, plural... you need a small one on each end of the tunnel,
preferably the same brand) Again, the question, how valuable is your data to
you (or to someone else). I had my ISP configure the first firewall we
bought. A friend of mine (who is a security consultant) and asked me if I
wanted him to run a test of my network. From a phone line he diled in, and
within a minute he had broken through my firewall. Also, get the update
subscription service.

Without seeing your exact network, I can't design a plan for you, but it
sounds like you need one....

Additionally, VPNS are usually dealing with Firewalls, and that newsgroup is
where you can get the best help in configuring one.

Again, My advice, Hire an Expert, Watch them and ask questions... That is
how we learn...

I hope this helps,
Sorry about getting on my soap-box
David Bock
"travis" <no@xxxxxxxx> wrote in message
news:Yle9e.41273$vt1.17355@xxxxxxxxxxx
> I really don't know what category to put this in, since I don't know where
> the problem is exactly. Ok this is the full story.
>
>
>
> Are current ISP gives us an static fake ip address that's re-directed to
an
> static real address (for what ever reason). So for example my fake static
ip
> for an external address on my wg2500 box is 10.251.2.X (fake static). But
if
> you want to connect from outside the network via VPN you connect with
> 129.132.X.X (real static) address.
>
>
>
> The SOHO WG2500 box is plugged into are windows 2000 server computer
> (192.168.111.100) and does the DHCP for the local network and for the
remote
> access users(VPN). So the DHCP scope looks at the SOHO WG2500 box's IP
which
> is 192.168.111.1, then the DHCP address assigned are 192.168.111.33 to
> 192.168.111.88, then the DHCP servers are 192.168.111.100 and
> 192.168.111.101 (other server).
>
>
>
> So my problem is the new ISP has no funny fake static ip's or anything.
It's
> a plan jane no restriction real static ip. So when I unplug the current
ISP
> and plug in are new ISP is just changed the external address info on the
> SOHO box to new information. Once I did that the internet works great. So
> really, the only thing I need to change is the IP address that my remote
> user login with. So I changed the IP for the clients to the new static IP.
> Once I did that, I could not connect to the server. It never said denied
> access or anything. It just was not there. But on the client computers I
can
> ping the external address fine.
>
>
>
> Once I had that problem, I plugged my old ISP box back in the SOHO and
> everything started to work fine. I just can't find the problem stopping me
> from fixing this for my new ISP. One thing I should mention, the old did
> setup the windows 2000 server's. So I guess it is possible they have
hidden
> settings some where. But I can't find them!!!!
>
>
>
>
>
>
>
> Any Idea's would really help.
>
>


.

Relevant Pages

  • Re: SBS 2008 DHCP ip assignment problem
    ... firewall functions to rule it out. ... DHCP server & Client services are running ... Your computer was not assigned an address from the network (by the DHCP ...
    (microsoft.public.windows.server.sbs)
  • Re: Is this a simple question with a simple answer?
    ... > with 20+ clients behind a linksys firewall. ... My office has decided it wants to run it's own Email server, ... > preparation I had them purchsase a new server which will also run Win 2000 ... > DHCP from the firewall to 1nic on the email server, ...
    (microsoft.public.win2000.ras_routing)
  • Re: Multiple IP Schemes for Different Buildings
    ... As of right now I have a linksys router on both ends and no hardware ... DHCP broadcast is on the local subnet only, ... router to forward internet traffic to your firewall. ... If each server has it's own DHCP server then I don't need to worry about a ...
    (microsoft.public.windows.server.general)
  • Re: What are FSMO roles?
    ... Hardware firewall as DHCP ... ... SBS2000 is the DNS server, and of course, the DC. ...
    (microsoft.public.windows.server.sbs)
  • Re: DHCP Questions
    ... firewall - you should hook up the T1 modem to the firewall, ... Unless you are putting the two network cards in the server on different ... REALLY don't want two network cards in the same address range in the same ... But Once I enable DHCP on that server that I'm making the ...
    (microsoft.public.win2000.networking)