Re: VPN Limit

---

• From: Joe <joe@xxxxxxxxxxxxxx>
• Date: Thu, 17 Jan 2008 19:46:42 +0000

---

Cris Hanna [SBS-MVP] wrote:

Check Routing and Remote Access on the Server
Should tell you the number of PPTP connections supported
Typically after you run the the Remote Access Wizard, you get 5 connections available, but you can add more...but this will kill bandwidth

This is from one remote IP address, Cris.

No, you only get one. The PPTP specification allows for multiple VPN tunnels between the same two IP addresses, but with one TCP/IP control channel common to all. That really has to happen in one computer, it can't be done between more than one, and I'm not sure if anyone has ever actually implemented the multiple tunnel feature anyway.

Two or more completely separate PPTP VPNs will not work between the same pair of IP addresses. The SBS can accept more than one VPN, but it relies on matching remote IP addresses in order to associate the VPN control and data channels, and if there are two of each channel, both claiming to come from the same remote IP address, there's no way of doing that.

The only way to do this without buying more hardware is for one remote computer to make the VPN, and for the other one at the same site to use the first as a site-to-site VPN endpoint. I've done this, but it was about four years ago and there's no way I could tell you how from memory.

It involves understanding the TCP/IP routing, adding a couple of static routes, enabling routing in the workstation initiating the VPN (all versions of Windows can route between interfaces) and probably a couple of other things I can no longer remember.

Your boss needs to understand that it will be much cheaper in time to buy another box. If the existing SBS site router can act as a VPN endpoint, the most reliable option is to buy another one of those for the other site.

Also, if site-to-site VPN to the SBS router is used, the SBS must work in one-NIC mode. If it isn't, it needs to be reconfigured. In theory, any router capable of being a PPTP endpoint could create a VPN to the SBS, but in practice that may not be reliable, or even functional. I'd only ever recommend using a Windows VPN client to connect to the SBS RRAS VPN server.
.

---

• References:
  • VPN Limit
    • From: bryant . helms
  • Re: VPN Limit
    • From: Cris Hanna [SBS-MVP]

• Prev by Date: Re: Logon to Client Computer As Different User
• Next by Date: Re: Automatic shutdowns every 1 1/2 hours.
• Previous by thread: Re: VPN Limit
• Next by thread: Re: Remote Web Email Notification Question?
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: File Access Over VPN ... remote clients access Shares of SBS. ... sure Virtual Private Networking (VPN) is selected in the Services ... server on the Web Server Certificate page. ... (microsoft.public.windows.server.sbs) Re: VPN PPTP problem ... Why the PPTP and GRE packets receive the SBS but the PPTP ... VPN cannot establish? ... (microsoft.public.windows.server.sbs) RE: Remote user could connect but not to all resources ... from remote client to SBS, however you can not access Shares of SBS. ... sure Virtual Private Networking (VPN) is selected in the Services ... server on the Web Server Certificate page. ... E-mail\Configure Remote Access, and select VPN access in the Remote Access ... (microsoft.public.windows.server.sbs) Re: One SBS server - two offices ... put a router which supports PPTP VPN at the non-SBS end, ... How does a domain user login work at the remote site. ... SBS server across the internet and valide the user's credentials? ... If each site is able to work on files on the local network, ... (microsoft.public.windows.server.sbs) Re: VPN PPTP problem ... From the ipconfig result on remote VPN client and SBS, ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)