help setting up vpn
| patliz1@juno.com 2007-06-10, 1:13 pm |
| I need a little help in setting up a VPN on a MS Server 2003. I have
set one up before, but the setup was different than this one. They
switched to a new ISP with a static IP address. Here is the setup:

DSL modem with static IP (Verizon Westell wireless with 4 port)--->
goes into a Linksys firewall router (do I even need this anymore?)-->
goes into a 24 port switch --> server connects into switch. (Server is
DNS enabled and DHCP disabled.)

The server's internal network card is 192.168.0.150
Linksys gateway is 192.168.0.1
Workstations have static IP addresses 192.168.0.xxx with gateway as
192.168.0.1 and DNS as 192.168.0.150 and xxx.xxx.xxx.xxx from current
ISP provider.

I am getting confused by the IP addresses and the order of the
connections. I have put in a second NIC in the server. Should it
connect to the switch or the DSL modem/router directly? What should
the numbers be on this NIC (IP, DNS, etc.)?

The DSL modem has the static IP address as well as the gateway and DNS
addresses set up as a bridge.

The address of the DSL modem was 192.168.1.1 and I changed it to
192.168.0.3 so I can access it from a workstation.

The workstations can connect to the internet directly without the
server being on. (Not sure why they have it set up this way--could be
carry over from former setup without server.)

Any help would be appreciated. Thanks.
| hcboetech@gmail.com 2007-06-21, 1:14 pm |
| On Jun 10, 11:31 am, patl...@juno.com wrote:
> I need a little help in setting up a VPN on a MS Server 2003. I have
> set one up before, but the setup was different than this one. They
> switched to a new ISP with a static IP address. Here is the setup:
>
> DSL modem with static IP (Verizon Westell wireless with 4 port)--->
> goes into a Linksys firewall router (do I even need this anymore?)-->
> goes into a 24 port switch --> server connects into switch. (Server is
> DNS enabled and DHCP disabled.)
>
> The server's internal network card is 192.168.0.150
> Linksys gateway is 192.168.0.1
> Workstations have static IP addresses 192.168.0.xxx with gateway as
> 192.168.0.1 and DNS as 192.168.0.150 and xxx.xxx.xxx.xxx from current
> ISP provider.
>
> I am getting confused by the IP addresses and the order of the
> connections. I have put in a second NIC in the server. Should it
> connect to the switch or the DSL modem/router directly? What should
> the numbers be on this NIC (IP, DNS, etc.)?
>
> The DSL modem has the static IP address as well as the gateway and DNS
> addresses set up as a bridge.
>
> The address of the DSL modem was 192.168.1.1 and I changed it to
> 192.168.0.3 so I can access it from a workstation.
>
> The workstations can connect to the internet directly without the
> server being on. (Not sure why they have it set up this way--could be
> carry over from former setup without server.)
>
> Any help would be appreciated. Thanks.

First, from the information you provided, the server appears to be
used for your WINS/DNS and DHCP. Very rarely do people use the
servers as a proxy any longer. (The old MS proxy days....) Internet
functionality would not be dependent on it, but without the server you
will lose PC connectivity in 5 to 8 days, depending on your DHCP
lease time. So don't turn it off, or plan on getting rid of it, unless
you move the DHCP to a different device.

Unless you are going to give all your machines public IP addresses
(NEVER RECOMMENDED) then you will need to keep the Linksys
firewall/router.

Also, why the need for the second NIC in the server?
Are you trying to dual home the server to get internet access?
You did not state that there was a problem with server access,
although you did say that workstation access is fine.

In regards to the IP address order you listed on the secondary NIC, I
am not sure what you mean.
If you mean the different address on the DNS, it looks like you are
resolving all internal addresses first and then dropping to the
outside DNS as a secondary. If this is what you meant, it would work;
personally I would move the secondary DNS to a forwarder in your DNS.
Unless the server is doing proxy or some other need for outside
resolution it's better to have it segmented correctly in case you have
to troubleshoot something.

I believe that Linksys uses in-house VPN software for most of their
VPN access, Quick VPN.
I do not know if your current model supports it or not, but you can
check the Linksys site and see if you can do a firmware upgrade that
will allow you to use the Quick VPN software.

The setup you listed above seems pretty standard as far as a network
model:
Modem to firewall, and then using a different non-routable address set
internally (NAT).
In my opinion, no need to really change anything.

If you can upgrade to use the Quick VPN software, you should not have
to change anything, but just set up the appropriate route/rule in the
firewall and have the users use the Quick VPN software to connect.

Hopefully this helps!