Re: Routing across internal subnets

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

James Brubaker <JamesBrubaker@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
We are having no problems with the Cisco Tunnel, everything works
that way. I think a DC at the remote locations is probably out of the
question.
RWW is not how they want to connect to their outlook, they want to
use the cached exchange mode on the desktop...

Then they don't even need VPN for that. RPC over HTTP. I wouldn't configure
the remote office computers as part of the domain without a local DC,
though.

I agree with Larryoverall. Your setup is quite complex enough without adding
a third NIC. I don't even recommend two.



Thanks for the thoughts, though...

"Larry Struckmeyer" wrote:

Hi James:

I am struggling here cause I don't do Cisco. However, this much I
do know. SBS does not play nice with three nics.

Some thoughts:

Keep the tunnel, keep the remotes in workgroups, use RWW. Should be
a piece of cake. You would want a Terminal Server on a member
server. Should be less expensive than a DC in each remote office.

Keep the tunnel, add a DC to each location, join the DC and the
clients to the SBS domain and have them authenticate against the DC

VPN's are a pain.

Larry


"James Brubaker" <JamesBrubaker@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:EA43E5D6-D106-46ED-9D99-18EEF2D790E4@xxxxxxxxxxxxxxxx
We have a gre tunnel between this main site and the remote sites on
our Cisco
routers in order to connect the separate subnets for the smaller
remote locations. Individual VPN's from each PC are not really
feasible, and the sites do not have a servers set up to do VPN's
just the routers that do the
tunnel.

Our end goal is the following (for one location):

Remote Site - Cisco Router - Cisco Tunnel Endpoint (Remote) -
192.168.20.0 - 192.168.20.1 - 192.168.100.2 -

Cisco Tunnel Endpoint (Main Office) -Cisco Router - SBS Server
(External Nic) -
192.168.100.1 - 10.10.10.1 -
10.10.10.2 -

SBS Server (Internal Subnet)
192.168.0.0

In essence, that the external 192.168.20.0 subnet can communicate
with the 192.168.0.0 Subnet.

Are thoughts are that we may need a 3rd NIC to do a static route
(although current configured static routes do not work), a Vlan in
the 192.168.0.0 subnet on the Cisco Router, or possibly ISA.

Thanks again in advance.





"Larry Struckmeyer" wrote:

Hi James:

Other than not being able to ping the internal nic from the
router, are you
having any other problems? Can you explain your desired end goal?

Larry

"James Brubaker" <James Brubaker@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in message
news:37DFBF55-63F9-455E-ACCC-AC9510F75728@xxxxxxxxxxxxxxxx
Here is my configuration, any help is greatly apreciated!!
SBS2003, Two NICS, Inside Private NIC is 192.168.0.1, Outside is
10.10.10.2.

Connected to a Cisco Router With Static IP of 10.10.10.1, Which is
connected
directly to the Internet via static IP.

SBS2003 is DHCP server for Internal Network (192.168.0.0) side, no
problems
with
Internet Access, no problems with VPN to SBS.

From the Cisco router (with the 10.10.10.1 address), we are
unable to ping
the 192.168.0.0 side of the SBS2003. We have the router and the
server configured with RIP version 2, and the SBS2003 shows up on
the router in
the
IP Route as connected.

In the SBS2003, A route to the Cisco router shows up when we do a
'show neighbors' in RRAS.

We have tried to accomplish this by adding static routes on the
SBS2003 in
RRAS using
route -p add 192.168.0.0 mask 255.255.255.0 10.10.10.1
route -p add 192.168.0.0 mask 255.255.255.0 10.10.10.2
route -p add 10.10.10.1 mask 255.255.255.0 192.168.0.0
route -p add 10.10.10.2 mask 255.255.255.0 192.168.0.0
but to no avail!!!

Any suggestions or help would be appreciated. We do not have ISA
server installed on the SBS2003 at this point.

Thanks in advance!



.

Relevant Pages

  • Re: Need help creating a VPN through a firewall
    ... I'll rerun CEICW & Remote Access ... couldn't physically reboot the router tonight, ... I'll report tomorrow after rebooting the server and re-running the ... Unable to establish the VPN connection. ...
    (microsoft.public.windows.server.sbs)
  • Re: Accessing PCs that connect to SBS server 2003 via VPN
    ... Router is set up to passthrough, SBS server should be endpoint. ... the router set up for PPTP (VPN) passthrough so that the endpoint is the SBS ... Do List | Configure Remote Access). ...
    (microsoft.public.windows.server.sbs)
  • Re: vpn probl
    ... not to vpn server, so when workstations needed to reply to the ping requests ... they were trying to respond though their gateway that was the adsl router ... static route 172.16.x..x pointing to vpn remote router in rras, ...
    (microsoft.public.windows.server.networking)
  • Re: Need help creating a VPN through a firewall
    ... Using Restart from the router menu should be as good as a physical reboot of ... CEICW and Remote Access wizard? ... try an external VPN again to the SBS server. ... Unable to establish the VPN connection. ...
    (microsoft.public.windows.server.sbs)
  • Re: Still cant connect to RWW or OWA remotely
    ... this points to a problem with the SBS Server. ... Remove any "phantom NICs" ... Reconfigure NIC for it's original static IP (same IP range as router), ... can't Remote Desktop into the server. ...
    (microsoft.public.windows.server.sbs)