Gateway to Gateway VPN

[Sammy]

Can someone please point me to a good doc or white paper on HOW TO create
gateway to gateway VPN using Windows 2000 or Windows 2003? NOT ISA, but
plain VPN using Windows 2000 or 2003.

Thanks!

 

[Robert L [MS-MVP]]

quoted from http://www.ChicagoTech.net
How to Setup A Site-to-Site VPN Connection

To setup a Site-to-Site VPN Connection , you may need to configure two
windows servers for the Answering and Calling Routers. Here are the steps:

1. Run RRAS, on Configuration page, select LAN routing.
2. Configure VPN on the Answering Router.
3. Configure the Demand-dial Interface on the Answering Router.
4. Configure VPN on the Calling Router.
5. Configure the Demand-dial Interface on the Calling Router.
6. Confirm the Remote Access Policy Configuration on the Answering and
Calling Routers.


--
For more and other information, go to http://www.ChicagoTech.net

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Robert Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.

 

[Bill Grant]

There are several guides at microsoft.com . A search for "router to
router" should pick them up. Phillip Windell listed some in a reply to a
question today in the windows.server.networking newsgroup .

Have you looked at the article in help in W2003? I believe it is also
under router to router VPN.

 

[Phillip Windell]

Hi Bill!

Now my cover is blown, now they all know I been "moonlighting" in the
Networking groups when they weren't looking :-0

Here's some articles for VPN when ISA is involved:

(Tom! where's part #1? A lot of multi-part articles aren't showing all the
parts in the searches)
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA Server
to Windows 2000 RRAS - Part 2
http://www.isaserver.org/articles/g2gisa2rraspart2.html

Announcing the ISA Server 2000 VPN Deployment Kit
http://www.isaserver.org/articles/isa2000vpndeploymentkit.html

Here one from MS's site. I looks like one of those "Audio/video" things you
have to use mediaplayer for.

Deploying a Highly Available Site-to-Site VPN with Microsoft ISA Server
http://www.microsoft.com/technet/pr...3/introduction/virtualconf/deploy/vcon42.mspx

 

[Joel Gacosta]

I setup a router-to-router VPN between two offices and it works perfectly.
We're planning to have multiple branches with same configuration(with one
main office and all the branches are connecting to it). Is there a
limitation in the number of router-to-router connection?

thanks!

 

[Bill Grant]

Not that I am aware of. You just need to set up a demand-dial interface
on the central server for each site with the appropriate routes. The sites
need to be in different IP subnets (ie different from each other and from
the central site). And each site needs to connect to the correct dd
interface to setup the correct return route.

You can even route between branches if you use a hub and spoke routing
model. For instance, if all sites use 192.168.x.x/24 addresses, you can set
the remote sites to send all 192.168.0.0/16 traffic to the central site. The
central site will then relay traffic for another site up the correct "spoke"
(since the central site has routes to all peripheral sites).