1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Win Serv 2003 -- VPN -- RV082 Help

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by SmallOffice, Dec 15, 2007.

  1. SmallOffice

    SmallOffice Network Guru Member

    I am looking for some helping configuring a VPN connection between Windows Server 2003 and the RV082. Here is my desired configuration:

    PC -- LAN -- RV082 -- WAN -- VPN/Internet -- Windows Server 2003

    I have been looking for a guide for making this tunnel. Can someone please point me in the right direction? (In particular, how to configure Server 2003.)

    BTW, the Windows Server is already running PPTP and we would like to keep it on.

    Thanks

    SO
     
  2. DocLarge

    DocLarge Super Moderator Staff Member Member

    Are you trying to connect "directly" to the VPN server or is it (VPN server) behind a router? My first thoughts are that you're running the server in a "multi homed" fashion (2 NICS).

    Is that your configuration at this time just so I'm clear?

    Jay
     
  3. SmallOffice

    SmallOffice Network Guru Member

    Hi Jay.

    Sorry for the delayed response. (I accidentally turned off instant e-mail notification.)

    I am not sure that I understand your question. I have rented a Windows Server 2003 box at a remote location. I would assume that this box is behind a router that I do not have access to. It appears to only have one NIC. I am trying to make a 'permanent' VPN tunnel between my local RV082 and this box.

    Here is a more detailed picture:

    PC -- LAN -- RV082 -- WAN -- VPN/Internet -- (WAN -- Unknown Router -- LAN) -- Windows Server 2003 Box

    Currently, I have configured the PPTP server on the Win Srv 2003 box to accept connections from client computers. I would like to keep this running so that clients at other locations can continue to access this box.

    Does this answer your question?

    BTW, there is a real need to solve this problem beyond convenience.

    Thanks

    SO
     
  4. DocLarge

    DocLarge Super Moderator Staff Member Member

    Okay,

    thanks for the update. Normally, people think they need "2" nics to run a vpn server. This is true "if" you are using your windows box to route WAN traffic on the first nic, and then do your internal LAN traffic on the second nic (which is actually how a linksys SOHO router is configured).

    Assuming if this computer is behind a router and its running one nic, then you're good; one nic is all you'll need. This way, the router is responsible for the security and not the vpn server (it's better this way; let hardware do its job :) )

    Let me look around now that I understand what you want to do (correct me if I'm still off); you want to configure a vpn tunnel between a 2003 vpn server and your RV082, correct? The only issue I see is getting the 2003 server to utilize IPSEC because the vpn tunnels on the RV082 are IPSEC with the exception of the onboard PPTP vpn clients.

    I'll hunt around and post back some sources...

    Jay
     
  5. SmallOffice

    SmallOffice Network Guru Member

    Correct!!
    I know understand why this is more difficult than I originally thought.
    Thanks.

    SO
     
  6. blake_

    blake_ LI Guru Member

  7. DocLarge

    DocLarge Super Moderator Staff Member Member

    Blake is on the right track. I do remember seeing something on the net before that gave specific instructions on how to configure "both sides" of the ipsec tunnel between a vpn server and a hardware device.

    I'm still not clear on something; do you have "one" or "two" nics in your microsoft vpn server?

    Jay
     
  8. blake_

    blake_ LI Guru Member

    I know that for PPTP/L2TP on Server 2003 you don't - I can't see IPSec having different requirements but I've never set it up like this... but I don't feel that using RRAS as your gateway is a good thing.
     
  9. SmallOffice

    SmallOffice Network Guru Member

  10. SmallOffice

    SmallOffice Network Guru Member

    Only one NIC in the Microsoft Windows Server 2003 acting as a VPN Server.
     
  11. SmallOffice

    SmallOffice Network Guru Member

    I have been trying to come up with an alternative solution.

    Can I configure QuickVPN on the Windows Server 2003 box to automatically connect to the RV082 upon boot-up? (No human interaction; no login)
     
  12. DocLarge

    DocLarge Super Moderator Staff Member Member

    Quickvpn is just a Windows IPSEC policy (lookin in the Linksys folder in the "program files" directory and see for yourself :) )

    I, personally am not the person to ask that question, but it may be something to ask in a separate thread.

    Now that I know you're using just "one" nic, what brand of router do you have running in front of your 2003 server?

    Jay
     
  13. SmallOffice

    SmallOffice Network Guru Member

    We rented a remote Windows Server 2003 Box. We do not have access to the router in front of it. However, we should have full network access to the box itself.

    I could forward a question to the technical staff of the company that we rented the box from.

    Hope this helps.
     
  14. SmallOffice

    SmallOffice Network Guru Member

    We are not trying to use the Server 2003 box as a gateway. We just want to set-up a 'permanent' VPN tunnel between the Server 2003 box and an RV082.

    We are interested in any alternative solutions.
     
  15. DocLarge

    DocLarge Super Moderator Staff Member Member

    Okay, I'm tracking now; let's do this shizell!!! :)

    Simple "temporary" solution: Have the admins maintaining your server forward internal/external ports 1723 to your vpn server; once they've done that, then you'll need to install RRAS:

    http://www.dslreports.com/forum/remark,15190829

    The next thing involved will be configuring the windows pptp vpn client on your users computers. I'll proabably have to throw a video together for that this weekend or sooner if possible. Or you can do a search on "configuring the windows vpn client."

    I'm calling my colleagues at "trainsignal" today to see if they've ever configured a hardware router to a microsoft vpn server connection. "I know" I've see something out on the internet for this; I'm just having a hard time running it down.

    In the interim, I'd say try and establish simple "client to gateway" PPTP vpn tunnels first. Do it in this fashion so as to show you're making some sort of progress to the final goal (permanent L2TP tunnel). Give 'em a little something to hold them off until the big finale :)

    Seriously, if you can get the PPTP vpn connections working, then adding the L2TP/IPSEC properties would be easier because L2TP acts in the same way. The only difference (if I remember correctly) is that you're going to need to install a "certificate server" for L2TP connections. Generally speaking, it's good to have your certificate server separate from your vpn server; installing both processes on the same box can be done, but not recommended (performance issues). I may have a training vid on this somewhere (I'll need to look).

    I'll check back in later with some findings on this one...

    Jay
     
  16. SmallOffice

    SmallOffice Network Guru Member

    Hi Jay.

    We very much appreciate your help. Please do not stress out about this one. It appears tougher than we imagined.

    We have already set-up the PPTP VPN connections. That is working with no problems. Please let me explain the main problem and perhaps there is an alternative solution.

    We have rented out multiple Windows 2003 Server boxes in several remote locations. We need to simultaneously VPN tunnel to these boxes from one computer. We thought that the PPTP VPN client connections would do the trick. The problem is that our hardware/software would only allow up to 2 PPTP VPN connections at one time. This will not work for us. We thought that by setting up 'permanent' tunnels between the local RV082 and the remote boxes would solve the problem. Perhaps this is too difficult.

    We have tried to understand the up to 2 PPTP VPN connection limit between our local client computer and multiple remote Windows Server 2003 RRAS boxes. Perhaps it is a limitation of our local router or local client computer. The router is the RV082. We have no way of testing it. We have tried different OSs on the local client computer including Win XP Pro and Win XP Pro x64. Both of them had the same result. Searching on the web (Google) has not helped. We do need to stay with a major Win OS (No linux etc).

    We are interested in any solution that help us address this challenge.

    Thanks

    SO
     
  17. DocLarge

    DocLarge Super Moderator Staff Member Member

    My first thoughts is that it's the router that's limitating your connections. It wasn't always like this. Back in the mid to late '90's, there were actually (I've been told) some older linksys routers that allowed more than 2 vpn connections out of the same gateway at the same time; there are a few out there that still do this, but I've heard this capability discussed amongst Netgear routers...

    Don't fret, what you're after is do-able, just not as "obvious" because not everyone is running the configuration you're after.

    Let's just say that your need has peaked my interest.... :)

    Jay
     
  18. SmallOffice

    SmallOffice Network Guru Member

    Work around...

    We have found a work-around to our problem.

    Basically, we have set-up the remote server boxes to PPTP VPN into the RV082. So the vpn connection is initiated on the Win 2003 Server Boxes.

    This method can survive a reboot by using the RASDIAL.EXE command and using scheduled tasks upon 'computer starts'.

    This work-around is limited to 5 PPTP connections on the RV082 which happens to work for my application.

    I very much appreciate all the the help from fellow form members.

    SO
     

Share This Page