|
To configure SBS
VPN access:
When
working with SBS it is very important to use the wizards. The configuration
still uses RRAS (Routing and Remote Access), but the wizards automatically
configure the VPN, routing, the Windows firewall, as well as DHCP and name
resolution, for the VPN clients.
To create the server end of the VPN; open the Server Management console, click
on Internet and E-Mail, followed by Configure Remote Access, and follow the very
short wizard. If you want to verify the configuration there is a great article
at:
http://www.onecomputerguy.com/networking/w3k_vpn_server.htm
However, only use it for reference, use the wizard for the basic configuration.
You
also need to forward port 1723, and GRE from the router to the SBS. Depending on
the router, GRE may be a specific command, or is often labeled "PPTP
pass-through". For many routers detailed instruction for port forwarding of port
1723 can be found by going to the following link:
http://www.portforward.com/english/applications/port_forwarding/PPTP/PPTPindex.htm
If
your router has UPnP enabled, SBS will actually configure the port forwarding
for you. There are some security concerns with having UPnP enabled:
http://www.grc.com/UnPnP/UnPnP.htm
SBS also has wizards for configuraing the client end. There are 2 methods to
configure the client machine. 1) You can create a disk to configure the remote
computer connection. This is done on the same page of the Server Management
console, and is called Create a Remote Connection Disk. 2) When the user
connects to Remote Web Workplace, they have the option to download and install
the VPN client. The client can be configured manually, but it is recommended to
use one of the two methods above, especially to have name resolution work
correctly. Should you need to do so manually see:
http://www.onecomputerguy.com/networking/xp_vpn.htm
|
