VPN on ADSL

ggrramalingum · ‎09-24-2003

HI all,

i am having a head-ache to build up a configuration.this is what i need:

i have a Head Office server running SBS 200 + a Point of sale System (xbased). i also have to remote shops that use the same POS system. but the system is not live. i am trying to build up a live system. for that purpose i am setting up adsl connections at the three locations.( i only have this possibility)

Head Office : 512kbps ADSL with Fixed IP address 213.x.x.200 LAN ip address of server is 193.1.1.1

Curepipe (remote 1 ) : 512 kpbs ADSL dinamic ip address

C-Fouquereaux (remote2): 512 kpbs ADSL dinamic ip address

I am setting up a VPN network, VPN server ( windows 2000) running at the Head Office on the SBS server.

the head office is connected to the internet through a cisco 827 adsl router (with firewall).

the other sites uses simple Binatone adsl modems.

I want to protect my SBS server from the internet.

but as i have only one public address i need to redirect all VPN traffic to my local server. tcp on port 1723 and 47

I must use PAT to achieve that.

but how can i configure my cisco 827 adsl router for this topology. ihave tried but have not been able to do it.

i must also make seure that the vpn is very ecure. the adsl connections at the remote sites will nto be used for internet , but soley as a lan extension of the Head office.

mostiguy · ‎09-29-2003

I don't think there is a way to forward all GRE packets from the IOS device to the win2k server.

I would recommend putting a 10 user pix 501 firewall in each remote office for US$400ish apiece, and setting up IPSec tunnels from them to the IOS device - this will separate your network layer from the windows networking layer and will help troubleshooting, IMHO