Re: Tricky Site-to-Site VPN

---

• From: Joe <joe@xxxxxxxxxxxxxx>
• Date: Tue, 23 Jan 2007 09:53:26 +0000

---

Dan24 wrote:

Hi,

I am running an SBS 2003 with ISA 2004 server. I need to set up a
site-to-site tunnel to a 3rd party office.
Now basically, this is not really site-to-site because the only
communication needed here is for our SBS server to access an FTP on
their network securely (they insist it be done with an IPsec tunnel).
Usually I would have done this without a problem using ISA, but here's
where it gets complicated:
My SBS server's IP is 192.168.16.2. The 3rd party office which I'm
trying to create the tunnel with claim they cannot setup the tunnel
since they already have someone else tunneled in with with this IP
(192.168.16.2).

So at first I thought I'll try to set up an additional IP address on
our Internal NIC which is "available" to use on their side, but this
doesn't work since when trying to acess their server the source IP is
still 192.168.16.2.
I have also tried changing the IP address of my Internal NIC but this
caused about 50% of the services running on the server to hang/stop
functioning and so I consider this to be the worst case solution.

Any suggestions on how this could be done would be greatly appreciated!

There's a 'change server IP address' wizard, which ought to deal with
everything in one go, including DHCP. It's a long time since I used it,
but it's available from somewhere in Server Management, possibly the
To Do list.

The lesson here is 'never accept network address defaults', because
everyone else does.

There might be some tricky way of doing this kind of thing with NAT,
but not for IPSec, as that really doesn't work well with NAT, since it
builds the actual source IP address into its authentication.
.

---

• References:
  • Tricky Site-to-Site VPN
    • From: Dan24

• Prev by Date: RE: Excel Macro Security Problem - Trusted macros not running for users (but do run for domain admins)
• Next by Date: RE: Can not Map Network Drive using VPN VPN by T-1 Provider w/ cisco s
• Previous by thread: Tricky Site-to-Site VPN
• Next by thread: Re: Tricky Site-to-Site VPN
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Tricky Site-to-Site VPN ... I am running an SBS 2003 with ISA 2004 server. ... their network securely (they insist it be done with an IPsec tunnel). ... The 3rd party office which I'm ... (microsoft.public.windows.server.sbs) Tricky Site-to-Site VPN ... I am running an SBS 2003 with ISA 2004 server. ... their network securely (they insist it be done with an IPsec tunnel). ... The 3rd party office which I'm ... (microsoft.public.windows.server.sbs) Re: How do I FTP via a secure tunnel (set up instructions requested pls) ... > I too am using Serv-U as a server and tunnel via secure tunnel. ... port. ... So much for the server side. ... (alt.computer.security) Re: Tricky Site-to-Site VPN ... I am running an SBS 2003 with ISA 2004 server. ... their network securely (they insist it be done with an IPsec tunnel). ... The 3rd party office which I'm ... (microsoft.public.windows.server.sbs) Re: Tricky Site-to-Site VPN ... Sometimes the wizard acts up but almost always works. ... I am running an SBS 2003 with ISA 2004 server. ... their network securely (they insist it be done with an IPsec tunnel). ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2007-01