Re: VPN router - a routing issue..

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

In article <uojbIbCeJHA.1328@xxxxxxxxxxxxxxxxxxxx>, tom.scott16@g-
nospam-mail.com says...
I have a routing problem, the network is a Broadband modem, Snapgear SG300
router, switch, dual homed SBS2003R2 Standard server (external and internal
NICs), workstations.

The router is new, purchased to provide extra security, the network has been
subject to increasing dictionary hack attacks. What I've found is that these
are mostly PPTP based, and I was hoping to use the routers VPN server to
establish network access.
[snip]

So, you want to PPTP into the Router and then have the router provide
access to your network?

If I understand, then you really need to be a Single NIC solution and
abandon the Dual Nic idea, it's always a mess when you try VPN stuff.

I don't use SnapGear devices - assuming that it provides/acts as a VPN
Server for PPTP sessions, you would have your users VPN directly to the
public IP of the SG router, authenticate with it, then have a RULE in
the SG router that would allow traffic from VPN sessions to the parts of
the network that you want.

Your best bet would actually be to (from your description in another
post of your actual need) setup a small Terminal Server 2003 system,
then allow users to Remote Desktop with Drive Mapping into the Terminal
Server, from there you would have mapped drives on logon that would
permit them to reach the files they need.

You could also setup a authenticated FTP method to let them access
files:

Setup the SG with a user/password that permits FTP ONLY FOR
Authenticated Users, then run FileZilla FTP server on the Server and
then provide FTP access that way. This would lock remote connections out
unless they authenticated with the SG user/password that you create to
ping against the FTP rule.

A better solution would be to purchase a REAL firewall appliance and do
all of this with a lot more security.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)
.

Relevant Pages

  • Re: Connection from remote computer to network SQL Server
    ... There is no firewall on the W2K machine acting as the SQL server. ... I tried making the SQL machine a "trusted" on the router. ... connection works. ... To find the IP address of your computer inside the network, ...
    (microsoft.public.access.adp.sqlserver)
  • RE: Small network with lots of features, questions
    ... Your network sounds overly complicated to me. ... to get to the internet. ... To do that, without using your server as a router, you need ...
    (microsoft.public.windows.server.networking)
  • Re: SBS 2008 Server losing DNS and Router Settings since Windows U
    ... backup plan you would have to figure out when the server got hacked then ... only thing that does mess with the router is Windows. ... if the NIC is not connected to the network (which there is ... On reflection I think I may have triggered the changes to DNS DHCP. ...
    (microsoft.public.windows.server.sbs)
  • Re: Still cant connect to RWW or OWA remotely
    ... laptop plugged into port on DSL router. ... service, e-mail, and RWW is available to all users on the network. ... The server is a SBS2003 SP1 Standard box without ISA, ... of the two NICs by clicking the Advanced tabs, it won't open that box, ...
    (microsoft.public.windows.server.sbs)
  • ~~~~~~~~~~~~~~ IP ADDRESS ~~~~~~~~~~~~~~
    ... block my ip address vista windows ... change public ip address linksys router ... setting up a network ip address ... warcraft server ip address ...
    (sci.misc)