SBS 2003 Site to Site VPN

  • SBS 2003 Site to Site VPN

    Hi All,

    Have spent the last 3 days Googling this one and seen many references but not a here I am.

    I have a 2 NIC sbs 2003 box sitting behind a Draytek router.
    External Network:
    Internal Network:
    DHCP from SBS

    I have a remote site with 3 PCs on another Draytek network.

    Both ends have fixed external IPs.

    The problem/advice required is how to connect the remote office to the head office.

    I set up a PPTP site to site VPN between the Drayteks which appears to be working ok.
    Can ping the routers' internal IPs from both ends.
    Can ping the server external IP from the BO but cannot ping the internal interface.

    I would like to get a permanent VPN from the BO to the HO for authentication, Outlook and folder browsing (or at the least a mapped drive).

    I need advice on whether I should be using the SBS as the end point or the Draytek.
    I'm sure there must be a number of setups like this. Just can't find the how-to.
    If more info is required please let me know.


  • #2
    Re: SBS 2003 Site to Site VPN

    IMHO, unless you need the second NIC (e.g. for ISA server), have the SBS box as yet another computer on the LAN and rely on a router-router VPN, which I know the Drayteks can do.

    I presume you have set up RRAS on the SBS, so have you ensured the routing element is functioning correctly -- if it is, you should be able to reach the LAN side from outside
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: SBS 2003 Site to Site VPN

      My personal preference is to use RRAS to RRAS VPNs, or ISA to RRAS if you have SBS Premium. Most companies (IME) prefer to use RRAS for client access anyway, as this negates the need for extra credentials to be remembered, bypasses any limits on the number of clients supported by the router, and there is no extra software required as a lot of companies (e.g. Cisco, Netgear) use.
      BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
      Cruachan's Blog