Re: Windows 2000 DHCP Server and VPN
From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 09/29/04
- Next message: Craig N.: "New Virus released, can anyone help identify it?"
- Previous message: Kevin: "Password/Services Change Question"
- In reply to: Bob: "Windows 2000 DHCP Server and VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Sep 2004 00:03:27 GMT
>From what you describe I am assuming you want to make the Windows 2000
Server a domain controller, but not sure. If you are going to use it also as
a domain controller it is critical that you configure dns correctly for the
domain controller and the Windows 2000 computers you want to make domain
members. Since you have some Windows 98 computers you will also want to use
wins since they rely totally on netbios name resolution and be sure to make
the domain controller a wins client even if it is also the wins server. Wins
will also make vpn connection browsing work better. DHCP will not be a
problem on the server with those amounts of computers. If you are going to
create an Active Directory domain read the link below on how to configure
dns including how to configure forwarders for your ISP dns servers in order
for your computers to correctly use dns for Active Directory and internet
name resolution.
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
Ideally if you are using a domain controller, you do not also want it to be
a remote access/vpn server. The main problem is that "browsing" in My
Network Places may be inconsistent since the domain controller will be the
master domain browser also. A lot of small businesses however do have there
servers do double duty however. If your internet router is a NAT type
device, you only need on nic in your server and then you need to port
forward vpn traffic to your vpn servers internal IP address on the lan. When
you enable the ras with the Remote Access Management Console and the wizard
starts select the last option for custom only if you are going to using one
nic on it as that will allow vpn to be configured for one nic. Have all
computers point to the NAT router as their default gateway and you will have
no problem with internet access. For vpn, you will want to use pptp unless
you are going to configure a Certificate Authority on your network to issue
computer certificates as l2tp requires the use of computer certificates on
server and client. L2tp will also not work over NAT when using a W2K server.
Pptp uses port 1723 tcp and protocol 47/gre sometimes referred to as pptp
pass-through on some routers. Be sure to configure your client vpn
connectoids to use pptp as network type in properties and not auto as auto
will try l2tp first in W2K. See the links below for more info. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;308208
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B810761
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/rmotevpn.mspx
"Bob" <anonymous@discussions.microsoft.com> wrote in message
news:0d7101c4a587$ad4d2a60$a601280a@phx.gbl...
> We want to install Windows 2000 DHCP Server (on a PC used
> as a server) and VPN at our office.
>
> I "think" setting up the server and 30 or so workstations
> can be completed without too much trouble.
>
> a) I believe the W2K CD will basically walk me through
> the install, and the step-by-step info from Microsoft
> Windows 2000 web site covers DHCP server and client set-
> up fairly well. Appears straightforward and not too hard.
>
> After W2K Server install and reboot, we will
>
> b) set-up server as domain host and add 1-3 clients as
> users; I estimate anywhere from 2 to 4 hours to do this
> part (?).
> The remainder of workstations will be added after VPN
> test. (about 27 PC's, estimate 15-20 minutes per PC?)
>
> Once the network is up and running, I'm not really sure
> what we do next; how to set-up the VPN?
>
> A major concern is having the W2K DHCP Server (PC) handle
> the VPN duties.
> c1) Can the W2K DHCP Server be the VPN server also?
> (maximum 5 remote VPN users)
> c2) Stability?
> c3) Internet still accessible to workstations?
> c4) Filters?
>
> d1) Is VPN a set-up option from the W2K CD on initial
> install?
> d2) Is it a smart option?
> - OR -
> d3) is this done later somehow?; by W2K Admin Tools?
>
> Here is some general info about our current set-up.
> Workstations mostly running Windows 2000, a few are still
> running Windows 98
> We will be removing Windows NT server and Novell 4.0
> server, after W2K DHCP Server up.
>
> Number of clients; 30 or so PC's; and no expected growth
> over next 5 years.
> Remote VPN clients; Maximum of 5 remote access VPN
> clients.
>
> Server Hardware for Windows 2000 Server:
> PC used for server duty; Generic Intel MB and Processor,
> Seagate HD's mirrored.
>
> Current Internet gateway;
> Efficient Networks series 5800 (supplied by SBC). (think
> it may be a Cisco)
> The router will be configured to allow VPN by SBC
> - OR -
> we will purchase Cisco 831 router and we will configure
> it.
>
> If you have any advice, see any problems with this set-
> up, or know where I can find some more detailed
> instructions on the internet; especially setting up VPN,
> I would be extremely grateful. Our budget, as you can
> see, is limited. Thanks for your time.
>
- Next message: Craig N.: "New Virus released, can anyone help identify it?"
- Previous message: Kevin: "Password/Services Change Question"
- In reply to: Bob: "Windows 2000 DHCP Server and VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
