Hi,
I'm currently (attempting!) to configure a network for a family business of ours.
We have 2 sites (HQ and remote office) and need to bridge the two networks over the internet.
HQ - 10.1.x.x
Remote Office - 10.2.x.x
Both sites will have a single Windows 2003 Standard server to manage AD, DNS, DHCP etc.
What is the best way to go about VPN'ing the two servers? I understand I'll need a site-to-site connection - thus allowing me to share the AD domain & files between the two servers?
Should I stick with the Windows 2003 built-in VPN or opt for something like OpenVPN?
The other issue I have is either one of the servers could be offline whilst the other is online - would the VPN be able to retry connections until it's available? Or would this be an issue?
ASKED: April 3, 2008 2:01 PM
UPDATED: April 5, 2008 12:36 AM
Just to avoid any confusion,
Both sites will have their own server locally to manage the services.
Also – would it be possible to also run a client-connect VPN along with the site-to-site connection, so remote users can connect in to their local server from home?
Any help is much appreciated!
I would not run a VPN directly from server to server; you should leave it up to your Internet router/firewall. What kind of router/firewall do you have at each location? They should be the same and able to support site-to-site VPNs. Also, depending on the equipment, you should be able to set up a client VPN to them. Also, keep in mind that a site-to-site VPN won’t work if both endpoints are getting their public IP via DHCP. I would upgrade both sites to a static IP with your ISP.
Do not expose your servers to the Internet. Use a Hardware solution. I use MultiTech RouteFinder VPN Routers.