RRAS VPN between two sites

  • Thread starter Thread starter Jordan
  • Start date Start date
J

Jordan

We are opening up a new location in another city and plan on using Windows
2003 VPN Server as the site to site VPN software. We already have a
successful implementation of Windows 2003 VPN on our only and main site (for
users to connect into).
Now, we have to set up another VPN server but primarily for connecting the
sites together and still accept user VPN connection.

Can someone please explain the high-level and possibly a graphical
explanation of how this will look like?

(1) How will the VPN servers be set up at each site (only two) using PPTP
(I know IPSec is better)?

(2) Can users authenticate as they normnally do - without affecting our
VPN.COMPANY.COM vpn connection?

(3) Do I create a new subnet at new site?

(4) How do I ensure routing occurs between locations (what is the piece
called)?

Thank you.
 
1. you may keep PPTP for remote users and setup Demand-dial VPN if both sites have windows servers.
2. You should create a new IP range in the new site.
3. RRAS will take care the routing.

these two pages may help,

Site to Site VPN
The username must match the name of a demand-dial interface ... Configure the
Demand-dial Interface on the Answering Router. ...
www.chicagotech.net/site%20to%20site%20vpn.htm

vpn solutions VPN Solutions. 1. Peer to Peer VPN 2. Client to Server VPN 3. Site to Site VPN 4. IPSec VPN 5. Exporting VPN Client Settings ...
www.chicagotech.net/vpnsolutions.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
We are opening up a new location in another city and plan on using Windows
2003 VPN Server as the site to site VPN software. We already have a
successful implementation of Windows 2003 VPN on our only and main site (for
users to connect into).
Now, we have to set up another VPN server but primarily for connecting the
sites together and still accept user VPN connection.

Can someone please explain the high-level and possibly a graphical
explanation of how this will look like?

(1) How will the VPN servers be set up at each site (only two) using PPTP
(I know IPSec is better)?

(2) Can users authenticate as they normnally do - without affecting our
VPN.COMPANY.COM vpn connection?

(3) Do I create a new subnet at new site?

(4) How do I ensure routing occurs between locations (what is the piece
called)?

Thank you.
 
Site to site VPN can operate quite happily on the same server as
"dialup" or client-server style VPN. The site to site uses its own
demand-dial interface, separate from the default "internal" interface in
RRAS. Routing is managed by staic route(s) linked to that interface.

Have a look at www.microsoft.com/vpn . This will give you links to
heaps of examples.

Have you considered using third party routers for the VPN link? These are
getting cheaper and are completely separate from the existing VPN solution.
If you use Microsoft RRAS, resist the temptation to economise and put RRAS
 
Back
Top