adykes
Mon Nov 03 07:51:11 CST 2003
In article <edk##kboDHA.372@TK2MSFTNGP11.phx.gbl>,
Craig Iedema <ciedema@yahoo.com.au> wrote:
>Al,
>
>For the moment I will detail my setup for you. You may want to look at
>Mark's suggestions below also.
>
>Internet
> |
>ADSL Modem
> |
>Router (Public IP)
> |
>SBS (External NIC)
> |
>SBS LAN (Internal NIC)
>
>At the moment the Router is a NAT for the SBS box and SBS box is a NAT for
>the rest of the LAN, the router port forwards port 1723 to the SBS server
>allowing anyone to VPN in, I ran the ICW to set this up. Once I have
>VPN'ed in I can run any remote control software I like and/or access all
>network resources.
>
Does this work from a PC at home that's behind a NAT box ?
Thanks
>
>Craig
>
>
>
>"Al Dykes" <adykes@panix.com> wrote in message
>news:bo4f4q$ja9$1@panix3.panix.com...
>> In article <#GZlHxaoDHA.2592@TK2MSFTNGP10.phx.gbl>,
>> Craig Iedema <ciedema@yahoo.com.au> wrote:
>> >Hi Al,
>> >
>> >You shouldn't need to get new ip address and the like all you need to do
>is
>> >VPN into to your network, once you have done this is like you are on your
>> >LAN. Depending on what the answers to the below are (and couple others
>> >probably) we can determine how to set it up.
>> >
>> >What are you using to do the NAT? (SBS, 3rd Party Firewall, both).
>> >
>> >Is SBS setup with the recomended 2 NIC configuration?
>> >
>>
>> The adsl hookup right now is a linksys box doing nat. That's going
>> to change as soon as I can figure out what to replace it with.
>>
>> The sbs server has a single nic. I expect to put a second nic as
>> there's a reason to.
>>
>>
>> >
>> >
>> >
>> >"Al Dykes" <adykes@panix.com> wrote in message
>> >news:bo4a8c$d0m$1@panix3.panix.com...
>> >> My company (50 PC users) has a adsl internet hookup with a NAT router
>> >> and we recently got an SBS2k server and we are happily using it behind
>> >> NAT.
>> >>
>> >> Now we want to start buying laptops and implement some form of
>> >> mobility for some of our people. We've started by using go2mypc which
>> >> works fine, but will be expensive for the long run. We use outlook,
>> >> office and access some propriatery applications that we can't expose
>> >> directly to the internet without lots of thought.
>> >>
>> >> We probably need some sort of VPN solution and I have a bunch of
>> >> questions; The first one is, do we need to get an ISP to supply us
>> >> with an IP block large enough for the entire company of is there a
>> >> router/firewall product that can use NAT but still allows incomming
>> >> VPN connections.
>> >>
>> >> I know that basic NAT is VPN show-stopper. Several of us have NAT
>> >> routers at home and NAT-NAT connections are even harder to do VPN
>> >> over. Users are non-technical and I don't see VPN tunnels as part of
>> >> the company-wide solution, partly because these are not company-issued
>> >> and probably no two are alike. I'm willing to buy the hardware
>> >> necessary to make this work. We have no plan to run public web servers
>> >> from this location.
>> >>
>> >> I can imagine, with the right equipment, getting a second IP (static)
>> >> adddress from our ISP and using it for incomming connections, but, if
>> >> this is really possible I need recommendations for specific equipment
>> >> to be able to visualize it.
>> >>
>> >> Is the answer to switch to the entire company to routable IP addresses
>> >> ?
>> >>
>> >> Any comments are welcome.
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> Al Dykes
>> >> -----------
>> >> adykes@panix.com
>> >>
>> >
>> >
>>
>>
>> --
>> Al Dykes
>> -----------
>> adykes@panix.com
>>
>
>
--
Al Dykes
-----------
adykes@panix.com