Re: Security Configuration

Les,

Thanks again for your reply, I will look into obtaining a second NIC for the
server that only has one.

After connecting to the VPN via TSC, I am able to access the SBS server, but
none of the workstations on the domain will resolve. I had to stop before
exhausting all possible combinations of workstation name, FQDN and pre-w2k
domain name because the phone number on the pocketpc was changing, and the
phone has to remain off for 24 hours. I was wondering if you had any
insight into this however. I assume that it is a resolution problem, the
same type of problem I would have by using the Windows VPN client to connect
(which I was able to resolve by modifying the DNS suffixes or manually
appending the domain name).

Thanks,

Rob

"Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
wrote in message news:%23Mn%23hGTIGHA.3120@xxxxxxxxxxxxxxxxxxxxxxx
> With a single nic SBS, it's imperative you have a capable firewall -
> properly configured - between the SBS and the internet.
>
> --
> Les Connor [SBS Community Member - SBS MVP]
> -----------------------------------------------------------
> SBS Rocks !
> ----------------------
> "Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
> understand." - Confucius
>
>
> "Robert Zahm" <robzahm@xxxxxxxxxxx> wrote in message
> news:%23mymNATIGHA.3064@xxxxxxxxxxxxxxxxxxxxxxx
>> Les,
>>
>> What are the negative consequences to having a SBS server with only 1 NIC
>> also acting as a VPN server?
>>
>> Thanks,
>>
>> Rob
>>
>> "Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
>> wrote in message news:OLDUXUwHGHA.2320@xxxxxxxxxxxxxxxxxxxxxxx
>>> Hi Robert,
>>>
>>> With 2 nics in the SBS, having a VPN endpoint on the sonicwall doesn't
>>> accomplish anything anyway.
>>>
>>> The way you have it now, with SBS as the VPN server is just fine. If
>>> you've run the wizards, allowed PPTP passthrough (port 1723 and GRE47
>>> protocol) at the Sonicwall, and it all works - then you are done ;-).
>>>
>>> --
>>> Les Connor [SBS Community Member - SBS MVP]
>>> -----------------------------------------------------------
>>> SBS Rocks !
>>> ----------------------
>>> "Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
>>> understand." - Confucius
>>>
>>>
>>> "Robert Zahm" <robzahm@xxxxxxxxxxx> wrote in message
>>> news:uYvy1IwHGHA.3944@xxxxxxxxxxxxxxxxxxxxxxx
>>>> Les,
>>>>
>>>> The goal of the VPN is to allow Pocket PC devices to connect to the
>>>> workstations. The SonicWall VPN won't work because it requires the
>>>> SonicWall VPN client, and all we have on the Pocket PCs is the Windows
>>>> Terminal Services client.
>>>>
>>>> The SBS server does have 2 NICs. Should one of these be dedicated to
>>>> the VPN connection? Is there any documentation you can point me
>>>> towards concerning this?
>>>>
>>>> Thank you very much for your reply,
>>>>
>>>> Rob
>>>>
>>>> "Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
>>>> wrote in message news:%23ixs97vHGHA.3700@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> Hi Robert,
>>>>>
>>>>> Presuming you've got a single nic SBS, and your Sonicwall has VPN
>>>>> endpoint capability - your'e probably better off with the Sonicwall
>>>>> handling the VPN connection. If you SBS is a dual nic - then what you
>>>>> have is what you need - the SBS as VPN endpoint.
>>>>>
>>>>> --
>>>>> Les Connor [SBS Community Member - SBS MVP]
>>>>> -----------------------------------------------------------
>>>>> SBS Rocks !
>>>>> ----------------------
>>>>> "Tell me and I'll forget. Show me and I'll remember. Involve me and
>>>>> I'll understand." - Confucius
>>>>>
>>>>>
>>>>> "Robert Zahm" <robzahm@xxxxxxxxxxx> wrote in message
>>>>> news:uYeGBVfHGHA.984@xxxxxxxxxxxxxxxxxxxxxxx
>>>>>>I have an SBS2003 premium server (no ISA installed) behind a SonicWall
>>>>>>router. We would like to make remote desktop functionality available
>>>>>>to users with PocketPCs. Our solution was to configure the Remote
>>>>>>Access wizard on the server to allow VPN access, and then open port
>>>>>>1723 on the SonicWall (much the way same we open up the ports for
>>>>>>RWW). Obviously the more ports that are open the more insecure the
>>>>>>system becomes, but is there any reason that I should have security
>>>>>>concerns regarding this setup?
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Rob
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


.

Relevant Pages

  • Re: Some Questions
    ... you may need to follow the steps below to configure VPN access ... And make sure you have typed the public FQDN of the SBS ... server on the Web Server Certificate page. ... log in and download Connection Manager. ...
    (microsoft.public.windows.server.sbs)
  • RE: VPN Connection Problems
    ... Note that we are able to successfully VPN into the office. ... to browse the network, RDP to the server or even ping the server. ... > This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • RE: Enabling VPN Remote Access using SBS 2003 standard with ISA 20
    ... I am glad to hear the VPN issue has been resolved! ... on the SBS Server. ... Enabling VPN Remote Access using SBS 2003 standard with ISA ...
    (microsoft.public.windows.server.sbs)
  • RE: SBS 2003 and WAN connections useing Cisco Routers
    ... Thank you for posting in SBS newsgroup. ... do you mean you have created VPN using router to router or router ... server on the Web Server Certificate page. ... 0x2F if you are looking in Network Monitor). ...
    (microsoft.public.windows.server.sbs)
  • RE: Enabling VPN Remote Access using SBS 2003 standard with ISA 2004
    ... SBS Server, the inbound VPN connection no longer worked. ... Configure the VPN connection on the client and do a VPN test. ...
    (microsoft.public.windows.server.sbs)