
Branch Office Setup - Help!!!

Status
Not open for further replies.

briteeyez

IS-IT--Management
Nov 26, 2001
194
EC
Hi Everyone

Present Setup
I have just configured my network into a single Active Directory Domain 2003 structure. I have completed all the major work at the Headquarters, however I now have to migrate the satellite offices. Services installed are as follows: DHCP, DNS. The network is a native Windows 2003 server environment running a native Exchange 2003 server.

One office has approx. 10 users. This office has a DC, which is also a GC and an Exchange server located there. The other offices spread across Canada only have 1 user located at each site and hence no DC is located at these sites. Each user is running a T1 internet connection.

I would like to implement a VPN for these one-person offices. I was reading up on RAS; is this a problematic VPN server? What is the best practice in setting up this server? How would users be allocated an IP address from the headquarters DHCP server? Would their computers need to be added to the main AD database? What is the best method to do this, seeing they are not on site?

How can I accommodate for when these users are on the road and don't need to connect to the main network? Do they log into their local machines then? Do they lose their profiles?

Please help. Any help is greatly appreciated.

Regards.
 
Hello,

Your remote employees that connect through VPN will automatically be assigned an IP from your main network. In fact, that employee will actually have 2 IPs. The first one is the one that allows this employee to connect to the Internet and the second one will be the IP given to him/her from the main network. A problem can arise if this single employee is behind NAT and receives an IP that is in the same subnet as one that is assigned to him/her from the main office. There can definitely be an IP conflict. Here's an example: The T1 CSU/DSU is NAT-enabled at the remote office. Your employee gets the IP 192.168.0.10. Then your employee connects to the main office through VPN and gets assigned IP 192.168.0.100. If someone at the main office already has the IP 192.168.0.10, then there might be a problem. Ideally the remote offices should use a different IP range. I have a similar setup for some of my clients. Also make sure your firewall (I hope you have a good one on either end) allows PPTP pass-through. You'll need to open one port (I think 1423) and all the GRE protocol to pass through to your RAS server.
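
As an added example (not part of the reply above or of either poster's setup): a short Python check that flags remote-office LANs whose address range collides with the headquarters range, using the 192.168.0.x addresses from the reply, and proposes a free range for a site that needs renumbering. The /24 masks, the site names and the other sample subnets are constructed assumptions.

```python
import ipaddress

def audit_site(hq_lan, site_lan, client_ip):
    """Return findings for one remote site whose client dials into HQ over VPN."""
    hq = ipaddress.ip_network(hq_lan)
    site = ipaddress.ip_network(site_lan)
    client = ipaddress.ip_address(client_ip)
    findings = []
    if site.overlaps(hq):
        # Same prefix on the local NIC and behind the tunnel: the client has
        # two routes for it, so reaching HQ hosts becomes ambiguous.
        findings.append("LAN_OVERLAP")
    if client in hq:
        # The client's local address is also a valid HQ address, so an HQ
        # host (static or DHCP lease) may already hold the same IP.
        findings.append("CLIENT_IP_IN_HQ_RANGE")
    return findings

def suggest_lan(taken, supernet="192.168.0.0/16", prefix=24):
    """First subnet of the given size inside supernet that overlaps nothing in taken."""
    used = [ipaddress.ip_network(n) for n in taken]
    for cand in ipaddress.ip_network(supernet).subnets(new_prefix=prefix):
        if not any(cand.overlaps(u) for u in used):
            return str(cand)
    return None

# Constructed sample data; the /24 masks and site names are assumptions.
HQ_LAN = "192.168.0.0/24"
SITES = {
    "site-a": ("192.168.0.0/24", "192.168.0.10"),  # the case from the reply
    "site-b": ("192.168.1.0/24", "192.168.1.10"),
    "site-c": ("10.20.30.0/24", "10.20.30.5"),
}

def audit_all():
    """Audit every sample site against the HQ range."""
    return {name: audit_site(HQ_LAN, lan, ip) for name, (lan, ip) in SITES.items()}

if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(name, findings or "ok")
    in_use = [HQ_LAN] + [lan for lan, _ in SITES.values()]
    print("next free /24:", suggest_lan(in_use))
```

A site flagged with LAN_OVERLAP is a candidate for renumbering its NAT range to the suggested subnet before the VPN is rolled out.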
 