
Windows 2000 Server VPN

Status
Not open for further replies.

msilka

Programmer
Jan 17, 2002
50
US
My company will be implementing a VPN solution for our outside salespeople.

We have the router configured for the correct ports and have the VPN services running on our server.

I can connect by VPN from a WIN XP machine internally but cannot do it externally.

Our company's website is The DNS and MX records are correct.
It has been stable for years.

The server we want to VPN into is on the same domain but a different server (Server2).

In the VPN setup I type in Server2.mycompany.com as the VPN Server.
Do I need to add a record in DNS to point to this VPN server? I figured any traffic to would go to our router and then get distributed via our access-lists.

Thank you
 
The hardware that is accepting the actual VPN connection (router or server) needs a public IP address (exception covered below). You can't have a private address for it as it is not routable over the internet. If you set up a router to accept VPN, then this is your hardware. If you set up a server to accept VPN, then the server is your hardware. You can test it by logging onto an ISP and then creating a VPN connection to the IP address of your VPN-providing hardware. If you want DNS resolution, you need to know who is hosting the domain DNS zone for the internet... your company or your company's internet provider. Many ISPs don't allow updating of their DNS except by trusted servers (prevents joe blow from logging into the internet with a server and creating a DNS subdomain off of the ISP's domain).

As for that exception, you may be using Network Address Translation (NAT) on your network to translate a group of private addresses to a single/multiple public IP address. If you are doing this, you must edit the NAT settings to specify that the ports you are using for your VPN will map directly to a private address... thus making your private VPN server address look public (connect to the public address of your NAT translator) on those ports. Note that with NAT, you are limited in VPN connectivity. L2TP may not be supported at all. The router may not support VPN address translation if it is doing the NAT. 2000 Server will support NAT on a PPTP and even allow MPPE encryption on it.
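The checks described in the reply above, written out as an added example (not code from the thread or from either poster). It assumes the VPN is PPTP, which uses TCP 1723 plus GRE (IP protocol 47); those numbers are standard PPTP facts rather than values given in the thread. The addresses and the `diagnose` helper are constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges: private addresses that are never routed across the internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# PPTP needs a TCP 1723 control channel and GRE (IP protocol 47) for tunnel data.
PPTP_NEEDS = [("tcp", 1723), ("gre", None)]


def is_rfc1918(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def diagnose(dns_answer, nat_public_ip, forwards, vpn_inside_ip):
    """List the reasons an outside PPTP client cannot reach the VPN server.

    dns_answer    -- address the VPN name resolves to publicly, or None
    nat_public_ip -- public address of the NAT router
    forwards      -- static NAT entries as (proto, port, inside_ip)
    vpn_inside_ip -- private address of the VPN server
    """
    problems = []
    if dns_answer is None:
        problems.append("VPN name has no public DNS record")
    elif is_rfc1918(dns_answer):
        problems.append(f"VPN name resolves to private address {dns_answer}")
    elif dns_answer != nat_public_ip:
        problems.append(
            f"VPN name resolves to {dns_answer}, not the NAT address {nat_public_ip}")
    # Only mappings that land on the VPN server itself count.
    mapped = {(proto, port) for proto, port, inside in forwards
              if inside == vpn_inside_ip}
    for proto, port in PPTP_NEEDS:
        if (proto, port) not in mapped:
            label = proto if port is None else f"{proto}/{port}"
            problems.append(f"no NAT mapping for {label} to {vpn_inside_ip}")
    return problems


# Constructed sample: Server2 at 192.168.1.20 behind a router at 203.0.113.10,
# with TCP 1723 forwarded but no GRE mapping.
FORWARDS = [("tcp", 80, "192.168.1.5"), ("tcp", 1723, "192.168.1.20")]

if __name__ == "__main__":
    for p in diagnose("192.168.1.20", "203.0.113.10", FORWARDS, "192.168.1.20"):
        print("FAIL:", p)
```

An internal-only connection can succeed while both failures are present, since an inside client reaches the private address directly and never crosses the NAT.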
 