Re: SBS2003 r2 and VPN

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: jdc <jdc@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Mon, 18 Aug 2008 16:10:15 -0700

---

Yes, the SBS box is setup as default gateway on both ends (it is the only
server at each location), and both are ISA2004, using 2 NIC configurations.

I read through the white paper link you reference and it seems straight
forward and I will try to impliment this configuration this weekend, thank
you for all your advice.

jdc

"Matabra" wrote:

Hi,

Yes you can do that with SBS2003. You cant create a trust (so you will still
need different logon credentials for each domain) but so long as you use
different subnets (eg 192.168.1.0/24 and 192.168.2.0/24) you will be able to
create a seamless WAN connection.

A Few questions first,

Is the SBS/ISA box set as the default gateway on all your clients on both
sides of the network?

Can you give me an ipconfig /all and a route print of the SBS server and of
the clients. (preferably one from each site, but not majorly important if
both are configured similarly

Then i can tell you if all is going to work

Things to do.

Set up an ISA to ISA VPN - Documented here
http://technet.microsoft.com/en-us/library/cc713322.aspx . Ignore the bits
about NLB as that doesnt apply in your particular situation

If the SBS server is not set as the defualt gateway, Then add a static route
in your clients routing tables to point the correct network to the SBS
server (will post when i have the ipconfig)

Set up DNS in both sites as a secondary zone of the other site, so you can
access the other machines by name.

If you post back the configuration, and take a look at the document ,then i
can advise you on the next steps to take.

Matt



"jdc" <jdc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B1112A29-52BF-448B-B462-3426DDCEAC5E@xxxxxxxxxxxxxxxx

Thanks agian.

Only one user needs this capabilty from our side, however several form the
other Server connect via VPN to our server. Both Servers are SBS2003r2,
and
I was told that you couldn't establish a bidirectional VPN connection
consisting of SBS2003 Server to SBS2003 server. Is this "ISA-Remote
Network
VPN" you mention sonthing I can configure on both ends to provide seemless
connectivity for clients behind both servers? THAT would be great! Our
IP
schemes and Domain names are different.

Please advise


"Matabra" wrote:

Yes and no,

Outbound VPN connections are often blocked within corporations as the IT
dept loses the ability to log/filter net traffic and therefore it is a
security breach.

Is there a reason you are doing it from the desktop. If it is a partner
company etc then you can do a ISA - Remote network VPN , stil giving you
the
filtering you want, but without the security breaches.

Matt

"jdc" <jdc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A2FE8290-537B-4744-A1BA-856597E624A6@xxxxxxxxxxxxxxxx

Thank you. I added a simple access rule in ISA for client VPN
protocols
outbound and the problem is solved. Odd that ICW doesn't configure for
outgoing though.

"Matabra" wrote:

hi,

Can the client make a VPN connection from outside your network.

You might need to create an outbound rule to allow it. Try that, I
dont
think the ICW will create outbound VPN Rules

Regards,

Matt

"jdc" <jdc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:96FFD6F8-F519-4AAC-8BC7-49829F4F1E8A@xxxxxxxxxxxxxxxx

I have new SBS2003r2 running ISA2004.

I have installed all the service packs and ran the ICW to configure
the
ISA
for VPN. I am able to establish a VPN connection to the server from
a
remote
location, however client on the LAN behind the SBS Server cannot
establish
a
VPN to another remote server. Do I need to create a rule in my ISA
for
Outbound VPN traffic? Should the VPN option under the Firewall
section
of
ICW create these rules?

.

---

• Follow-Ups:
  • Re: SBS2003 r2 and VPN
    • From: Terence Liu [MSFT]

• References:
  • SBS2003 r2 and VPN
    • From: jdc
  • Re: SBS2003 r2 and VPN
    • From: Matabra
  • Re: SBS2003 r2 and VPN
    • From: jdc
  • Re: SBS2003 r2 and VPN
    • From: Matabra
  • Re: SBS2003 r2 and VPN
    • From: jdc
  • Re: SBS2003 r2 and VPN
    • From: Matabra

• Prev by Date: Re: RWW Default Profiles
• Next by Date: RE: SBS 2k3 and Microsoft Search 4.0
• Previous by thread: Re: SBS2003 r2 and VPN
• Next by thread: Re: SBS2003 r2 and VPN
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Some Questions ... you may need to follow the steps below to configure VPN access ... And make sure you have typed the public FQDN of the SBS ... server on the Web Server Certificate page. ... log in and download Connection Manager. ... (microsoft.public.windows.server.sbs) RE: server/connectcomputer from remote offices ... > Thank you for posting to the SBS Newsgroup. ... > should be SBS_LOGIN_SCRIPT.bat on the two DCs for remote clients. ... > DC not SBS 2K3 Server, unless they need to access SBS Resource (e.g. ... > the Copy button and paste the full content to the Newsgroup. ... (microsoft.public.windows.server.sbs) RE: VPN Clients Not Registering in AD DNS ... via VPN, the DNS records of the VPN clients are unable to be registered. ... Windows 2003 server? ... please let me know whether the clients get the IP ... (microsoft.public.windows.server.sbs) RE: Enabling VPN Remote Access using SBS 2003 standard with ISA 20 ... I am glad to hear the VPN issue has been resolved! ... on the SBS Server. ... Enabling VPN Remote Access using SBS 2003 standard with ISA ... (microsoft.public.windows.server.sbs) RE: SBS 2003 and WAN connections useing Cisco Routers ... Thank you for posting in SBS newsgroup. ... do you mean you have created VPN using router to router or router ... server on the Web Server Certificate page. ... 0x2F if you are looking in Network Monitor). ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2008-08