Question

How to setup a VPN.

VPN, TCP/IP, EPOS terminal

Hi. If anyone can help it will be much appreciated. I currently work in two shops and each shop has a static IP address. I wish to set up a VPN network so that I can move one of the Epos terminals to the other shop while keeping the epos server at the original shop and thus allowing the terminal to work by tunneling to the first shop over the internet. The terminals are running Windows XP SP2 and the router I am using is the BT 2WIRE router with a generic 24 port switch. I am currently trying to test a VPN server I have setup but I receive an error TCP/IP CP Error 733. I am reletively new to this and any info would be welcome. Thanks.

Even though the sites have a public static IP address, it is likely that the router at each site is doing port address translation (PAT). You can still setup a VPN using this but doing network address translation (NAT) is a better way. You will need to setup the router at each end to permit VPN traffic (protocol 50, 51; UDP 500, 4500) and route it to the internal VPN terminating host on each end. I would also suggest ensuring that the firewall be configured so that it only accepts connections from the remote address so it does not have to deal with someone attempting to compromise your network.

You may need to contact BT for router support to get the NAT and/or firewall setup.

There are some best practices for setting up a VPN using Windows. These include implementing DHCP services, creating an enterprise certificate authority, install and configuring IAS, creating a remote access policy, configuring the VPN server, associating the VPN server with the DHCP server, configuring your customer's remote clients and testing the client connection. SearchNetworkingChannel.com has a guide with all the gory details.