RE: Permanent Branch Office VPN / WAN to LAN Routing

Hi Tony

Thanks for your reply.

I am sorry for the weekday delay.

>From your email, I have understood your situation. The issue is expected
action. The client in remote office can connect to the SBS' external NIC
but the traffic is blocked by SBS since the SBS is protecting the internal
LAN.

We may use any one of the following workaround:

1. Establish site-to-site VPN connection between SBS and Router in Remote
office instead.
2. Establish the VPN connection from the client in the remote office to the
SBS.
3. Install ISA Server 2004 since it can configure the network relationship
between the internal SBS LAN and external SBS LAN to Routing.
4. Publish some internal resource to the SBS' external network if ISA is
installed on SBS.

For detailed information, please refer to the following KB articles

323381 How to Allow Remote Users to Access Your Network in Windows Server
2003
http://support.microsoft.com/?id=323381

323441 How To Install and Configure a Virtual Private Network Server in
Windows
http://support.microsoft.com/?id=323441

816573 How To Configure a VPN Server to Act as a Router in Windows Server
2003
http://support.microsoft.com/?id=816573

Connecting a Remote Office to a Small Business Server 2000 Network
http://www.microsoft.com/technet/prodtechnol/sbs/2000/maintain/remotofc.mspx

Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 1
http://www.isaserver.org/tutorials/g2gisa2rraspart1.html

Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 2
http://www.isaserver.org/articles/g2gisa2rraspart2.html

Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Branch Office ISA Server/Domain Controller - Part 1
http://www.isaserver.org/tutorials/gatewaytogatewaywithdc.html

Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Branch Office ISA Server/Domain Controller - Part 2
http://www.isaserver.org/tutorials/gatewaytogatewaywithdcpart2.html

Hope the information help and I look forward to your reply.

Best regards,

Crina Li (MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: Permanent Branch Office VPN / WAN to LAN Routing
| | From: =?Utf-8?B?VG9ueSBZ?= <TonyY@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: Permanent Branch Office VPN / WAN to LAN Routing
| Date: Thu, 16 Jun 2005 14:09:03 -0700
| | Newsgroups: microsoft.public.windows.server.sbs
| |
| I am trying to connect 2 x client PC's at our branch office via a
permanent
| router to router VPN connection. I basically require the 2 x client PC's
to
| act as if they were directly attached to our network at head office, with
| full access to shared resources and so we can transfer files backwards
and
| forwards. Both offices have ADSL broadband and Static IP's.
|
| We have SBS 2003 Standard with 2 x NIC's. Below is the network topology I
| require to be implemented.
|
| HEAD OFFICE BRANCH
OFFICE
|
| LAN
| 192.168.16.3/50 192.168.16.2
|
Clients<----------->Server<------>Router1<--INTERNET-->Router2<--->Clients
x 2
| WAN 192.168.0.3 192.168.0.2
192.168.3.2
| 192.168.3.3/15
|
| I have the tunnel established between the 2 VPN Firewall routers so that
bit
| is OK.
|
| The only ping I CANNOT make successfully is from 192.168.3.3 to
192.168.16.2.
|
| This is basically because there is no route from the WAN side of the
| network, to the LAN side of the network at head office.
|
| Does some one know how to create this route from WAN to LAN, to allow
access
| for the remote clients?
|
| Many of the other forums I have posted this connundrum in, just suggest
to
| remove the 2nd NIC. Doesn't this go against the ethos of SBS 2003?
|
| Any helpful suggestions will be greatly appreciated.
|
| Tony Y
|
|
|
|
|
|

.

Relevant Pages

  • RE: Multi-Site SBS2K3 VPN with inter-site trust ?
    ... the following are some limitations regarding SBS 2003: ... Small Business Server 2003 client access license. ... For creating VPN, you can refer to the following documents: ... 323441 How To Install and Configure a Virtual Private Network Server in ...
    (microsoft.public.windows.server.sbs)
  • RE: VPN Connection Problems
    ... you can not ping anything on the SBS network from WAN. ... you may follow the steps below to configure VPN access on ... > FQDN of the SBS server on the Web Server Certificate page. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN, mapped drives
    ... on the server". ... This newsgroup only focuses on SBS technical issues. ... I understand that you can establish the VPN ... Is the remote network using the same subnet address as the local ...
    (microsoft.public.windows.server.sbs)
  • RE: Permanent Branch Office VPN / WAN to LAN Routing
    ... The client in remote office can connect to the SBS' external NIC ... Establish site-to-site VPN connection between SBS and Router in Remote ... Install ISA Server 2004 since it can configure the network relationship ...
    (microsoft.public.windows.server.sbs)
  • RE: Adding a Subnet?
    ... and cannot manage them via remote Computer Management MMC on your SBS ... Also the VPN network's performance is not good as its should. ... Let's focus on the network folder access issue at first. ... some known issues after applied Windows Server 2003 SP2 on SBS server which ...
    (microsoft.public.windows.server.sbs)
Loading