Site to Site VPN config advice?

---

• From: SolRodriguez <SolRodriguez@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Mon, 16 Jun 2008 15:24:29 -0700

---

I need to set up a site to site VPN with our network and a hospital that we
work with. I'm not sure what the best configuration would be. Currently we
use SBS 2003 Premium (with ISA 2004) with two nics, and we have a small
Linksys router at the network edge. The hospital use a Cisco Concentrator
3030.

As far as I understand, a site to site VPN connection cannot be made with
our current SBS configuration having the linksys at the network edge since
this creates a mini "network" between the linksys and the external NIC of the
SBS and a "double NAT" environment.

After doing some research, it seems I have 3 options.
1) Remove the linksys and put the SBS on the network edge. This config
should work, but many people don't believe SBS should be on the network edge.
2) Add a second static internet connection coming into the network that
bypasses SBS that is dedicated to the VPN (as outlined in this article:
http://msmvps.com/blogs/javier/archive/2004/12/08/23045.aspx ). Again, this
should work, but some are against it.
3)Remove ISA and remove the external NIC from SBS and put a hardware
appliance VPN/Router at the network edge. My concern with this method are
the unknowns of how removing ISA will affect the SBS box and its services. I
am leaning towards this route, but are there certain things I should be aware
of going into it? Are there best practices for this scenario? All the best
practices for SBS that I have read in the past call for a 2 NIC environment.

Am I missing something? Thanks in advance for any insights and suggestions.

Sol Rodriguez
.

---

• Follow-Ups:
  • Re: Site to Site VPN config advice?
    • From: Joe
  • Re: Site to Site VPN config advice?
    • From: Jim Behning SBS MVP
  • Re: Site to Site VPN config advice?
    • From: Colin

• Prev by Date: Re: There is a problem with this website's security certificate.
• Next by Date: Re: CEICW fails on Firewall Configuration (SBS 2003 Premium SP1)
• Previous by thread: There is a problem with this website's security certificate.
• Next by thread: Re: Site to Site VPN config advice?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Install 3 times (triple crown) ... Build the customer SBS box enabling both nics ... network, as are the wan nics of the SBS boxes. ... how far can you go with the installation? ... (microsoft.public.windows.server.sbs) Re: May need to move from SBS because of connection issues ... Can you connect from your own SBS server itself to a remote SBS network via ... broadband wireless connection. ... (microsoft.public.windows.server.sbs) Re: DHCP Fails on Authorized Server ... The DHCP shutdowns may because the SBS detects another DHCP in network. ... How to configure Internet access in Windows Small Business Server 2003 ... On the Connection Type page, click Broadband, and then click Next. ... (microsoft.public.windows.server.sbs) RE: Server shared drives inaccessible ... I have not had a chance to swap out the network switch or disable the sonic ... Do you think I should reboot the SBS to make sure the setting is populated ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ... (microsoft.public.windows.server.sbs) Re: Server/Network setup question ... Let's keep the P2P network and the ... SBS server's internal NIC to the switch. ... The internal NIC of the SBS server will default to 192.168.16.2 during the ... you change the IP of the rented printer to 192.168.16.8 (or some ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2008-06