Re: Routing across internal subnets

For site<>site VPN with hardware devices in place, Joe has it :-). Single nic.

--
Les Connor [SBS MVP]


"Joe" <joe@xxxxxxxxxxxxxx> wrote in message news:uvWb3B4BIHA.3716@xxxxxxxxxxxxxxxxxxxxxxx
James Brubaker wrote:
We have a gre tunnel between this main site and the remote sites on our Cisco routers in order to connect the separate subnets for the smaller remote locations. Individual VPN's from each PC are not really feasible, and the sites do not have a servers set up to do VPN's just the routers that do the tunnel.

Our end goal is the following (for one location):

Remote Site - Cisco Router - Cisco Tunnel Endpoint (Remote) - 192.168.20.0 - 192.168.20.1 - 192.168.100.2 -

Cisco Tunnel Endpoint (Main Office) -Cisco Router - SBS Server (External Nic) - 192.168.100.1 - 10.10.10.1 - 10.10.10.2 -

SBS Server (Internal Subnet)
192.168.0.0

In essence, that the external 192.168.20.0 subnet can communicate with the 192.168.0.0 Subnet.

Are thoughts are that we may need a 3rd NIC to do a static route (although current configured static routes do not work), a Vlan in the 192.168.0.0 subnet on the Cisco Router, or possibly ISA.

Move the SBS to one NIC mode. SBS with two NICs, whether with ISA or not, is a firewall, and is specifically designed not to allow access to its LAN side from the 'outside'. You can open ports to allow access, but by the time you've opened enough to allow workstations to operate with it, there's absolutely no point in having two NICs.

.

Relevant Pages

  • Re: Third NIC
    ... Try the WAP on the switch that the SBS internal nic is connected to. ... the SBS really supports just the one subnet. ... If all 5 nics are physically in your SBS server you might as well only have one. ...
    (microsoft.public.windows.server.sbs)
  • Re: 2 NIC SBS2003R2 LAN/WAN Firewall Router Connection Failure
    ... I've asked the other SBS MVP's to comment on the current status of SBS ... I connected directly to the router and changed its LAN side subnet mask ... |> Two Nics, a static IP address, ISA, router ...
    (microsoft.public.windows.server.sbs)
  • Re: 2 NIC SBS2003R2 LAN/WAN Firewall Router Connection Failure
    ... router from internal client or SBS. ... Please contact your router vendor to check the settings in the router, ... may be there are some rule deny the access from some IP addresses or subnet. ... |> Two Nics, a static IP address, ISA, router ...
    (microsoft.public.windows.server.sbs)
  • Re: 2 NIC SBS2003R2 LAN/WAN Firewall Router Connection Failure
    ... I changed the SBS external IP settings as you suggest. ... Clients and the SBS Server can reach the router. ... may be there are some rule deny the access from some IP addresses or subnet. ... |> Two Nics, a static IP address, ISA, router ...
    (microsoft.public.windows.server.sbs)
  • Re: Unable to access https sites
    ... I kow changing the *nix subnet isn't going to work for you, ... > The NT box is being replaced by the SBS. ... I didn't know the two NICs shouldn't be ... >>> network card) connected to a switch and then the router. ...
    (microsoft.public.windows.server.sbs)
Loading