No announcement yet.

Site-to-Site VPN Support

  • Filter
  • Time
  • Show
Clear All
new posts

  • Site-to-Site VPN Support


    Please read this carefully and thoroughly before making a suggestion. And when you do suggest something, I need explicit detailed instructions please. I have NO IDEA what I'm doing.

    I'm trying to network two offices in two different cities. They both have the best DSL that is offered in their area; which is not very fast all... 720 up / 300 down. The branch office has a little bit of a higher speed than the corporate office and so we do not mind making the branch office into the corporate office if this project requires that the corporate office have the higher upload speeds.

    The company logistics is as follows:

    -Each location has a Win2k3 box.
    -Each office is on a peer-to-peer network.
    -Location A has 7 employees that work there Monday - Friday, and location B has 4 employees that also work Monday - Friday.
    -The company uses their Win2k3 box strictly as a file repository of about 1gig worth of MS Excel & Word documents in their shared documents folder. When location A adds, or makes changes to these files, they want location B to have full (live) access to these files, and vice versa.
    -They are afraid of some sort of a folder-sync utility as they feel that they will, very soon, wind up with copies that can not be synced for they have been changed at both locations.

    Problem number 1 - I have been able to use RAS, but do not understand it fully. I have been able to create a presistant connection from the branch office (location B) to the coporate office (location A). However, I can not get any of the desktops of the branch office to see the resources of the corporate office.

    Problem number 2 - I would prefer not to add any hardware unless someone can point out a security flaw with MS VPN, or with the MS platform that would coninve me to go with Cisco or something else.

    Problem number 3 - I've downloaded MS Sharepoint service (the free version) based on someone's suggestion and have installed it. But that person is no longer available and I don't know why he suggested I use it, nor do I know now how to use it.

    Problem number 4 - Bandwidth limitations. When I do connect the branch server (with the faster internet) to the coporate server (which has a slower internet) via VPN, then all the corporate office's traffic slows down and it seems like the corporate office is trying to get its web activity THROUGH the branch office. ie. When I make the VPN connection and packet sniff, if someone at the corporate office visits a website, I can see the branch office bandwidth spike.

    If anyone has any suggestions on how I can do this so that the branch office doesn't become a "gateway" for the coporate office's web traffic, I'd appreciate that being taken into consideration.

    Ok... Who can solve my problem?


  • #2
    Re: Site-to-Site VPN Support

    you have two options:
    1) provide Remote Access VPN to the corporate office for the remote office users. In short, the users at remote office have to VPN into the RRAS server to access the resources on the file server.
    At the same time if you do not want remote office clients to use corporate office network as GW for internet traffic, just un check the option of "use default gateway on remote network" under the VPN dialup settings.

    2) setup a site-site VPN between both locations and set up static routes on the RRAS server for each location. Point the clients to use RRAS as default GW. You need to point your fileserver to RRAS server as GW so that these shares can be accessible by remote office users.

    If you want further granularity, adjust the static routes to point to specific machines instead of subnets so that only the traffic bound to the server will use the DD link.