DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Site-Site VPN + Client - looking for some advi
- basmistry
- Topic Author
- Offline
- New Member
Less
More
- Posts: 4
- Thank you received: 0
19 Jan 2014 12:58 #78776
by basmistry
Site-Site VPN + Client - looking for some advi was created by basmistry
I've not setup Site-Site VPN before so looking for some advice.
Router A - IP Address 192.168.2.x with DHCP - Main Site with Windows 2012 Server (DHCP provide by Router)
Router B - IP Address 192.168.1.x with DHCP - no server just 3-4 userver with Notebooks but need to grow this to about 10 users and a Server
Both sites have VPN > Remote Access Control > Enable PPTP VPN Service is OFF
to allow Windows VPN pass-thru
I now need to add a Windows 2012 Server Site B and setup LAN to LAN VPN
The Server will be using Static 192.168.2.5 address
Home Workers need to access via their Notebooks using Windows VPN
so Users at Site B will use Site-Site VPN
Home users with use Windows VPN
Do I need to TRUN OFF the DHCP at site B (on 192.168.1.x) so that users will get 192.168.2.x range ?
or do I need to move the DHCP role to the Windows server ?
Can anyone see a problem with all this?
is there a better way to do this ?
Router A - IP Address 192.168.2.x with DHCP - Main Site with Windows 2012 Server (DHCP provide by Router)
Router B - IP Address 192.168.1.x with DHCP - no server just 3-4 userver with Notebooks but need to grow this to about 10 users and a Server
Both sites have VPN > Remote Access Control > Enable PPTP VPN Service is OFF
to allow Windows VPN pass-thru
I now need to add a Windows 2012 Server Site B and setup LAN to LAN VPN
The Server will be using Static 192.168.2.5 address
Home Workers need to access via their Notebooks using Windows VPN
so Users at Site B will use Site-Site VPN
Home users with use Windows VPN
Do I need to TRUN OFF the DHCP at site B (on 192.168.1.x) so that users will get 192.168.2.x range ?
or do I need to move the DHCP role to the Windows server ?
Can anyone see a problem with all this?
is there a better way to do this ?
Please Log in or Create an account to join the conversation.
- sicon
- Offline
- Contributor
Less
More
- Posts: 642
- Thank you received: 0
22 Jan 2014 11:54 #78803
by sicon
Replied by sicon on topic Re: Site-Site VPN + Client - looking for some advi
Hi
Switch off DHCP and the routers and add the role to the 2012 Servers.
Create a IPsec LAN to LAN between both sites
Do not put the Site B Server on a Site A IP address.
install Routing and Remote Access on the 2012 servers and switch off PPTP in the Drayteks.
If you cant do the RAS on the servers then set up the users on the Drayteks and let them do Windows VPN to them they will still pick up an IP Address from the DHCP on the 2012 servers.
When you have Windows servers is not really best practice to do DHCP on the routers.
Switch off DHCP and the routers and add the role to the 2012 Servers.
Create a IPsec LAN to LAN between both sites
Do not put the Site B Server on a Site A IP address.
install Routing and Remote Access on the 2012 servers and switch off PPTP in the Drayteks.
If you cant do the RAS on the servers then set up the users on the Drayteks and let them do Windows VPN to them they will still pick up an IP Address from the DHCP on the 2012 servers.
When you have Windows servers is not really best practice to do DHCP on the routers.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek