Configuring a VPN server behind a DLink router?

I have a DLink router forwarding ipsec and pptp packets to my Domain
Controller/DNS/DHCP server. I tried to add VPN to the server but it would
not setup with only one NIC, so I added an additional NIC but this only
shutdown DHCP assignments. HELP!

First a warning. It is not a great idea to set up your first/only DC as a
VPN server. As soon a a remote client connects, your server becomes
multihomed, and you get all sorts of Netbios and DNS name problems plus
browsing problems on the LAN. See KB 292822.

Do not put two NICs in the server. That just complicates things. If you
must use your DC as a remote access server, set it up as a remote access
server with one NIC. Check the config by connecting to it from another LAN
client.

When this works, set up your port forwarding and try to connect through
the Internet to the router's public IP. Try PPTP first. L2TP with IPSec can
be pretty tricky, unless you are up to speed on IPSec and certificates.

If you really want to use two NICs in the server, you will need to
reconfigure your LAN so that the server is the default gateway of your LAN.
The "private" NIC of the server becomes the LAN gateway, and the other NIC
becomes the "public" connection. Only this NIC connects to the router. The
server-router link must be in a different subnet from the LAN (more like a
DMZ).

"DougB" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I have a DLink router forwarding ipsec and pptp packets to my Domain
> Controller/DNS/DHCP server. I tried to add VPN to the server but it would
> not setup with only one NIC, so I added an additional NIC but this only
> shutdown DHCP assignments. HELP!
>
>

Thanks, I understand the security risks, but this is a test scenario. I
would prefer one NIC but i had the vpn configuration stop because i only had
one NIC so I added another. One or two doesn't matter I just need to get it
working.

"Bill Grant" <not.available@online> wrote in message
news:(E-Mail Removed)...
> First a warning. It is not a great idea to set up your first/only DC as
a
> VPN server. As soon a a remote client connects, your server becomes
> multihomed, and you get all sorts of Netbios and DNS name problems plus
> browsing problems on the LAN. See KB 292822.
>
> Do not put two NICs in the server. That just complicates things. If
you
> must use your DC as a remote access server, set it up as a remote access
> server with one NIC. Check the config by connecting to it from another LAN
> client.
>
> When this works, set up your port forwarding and try to connect
through
> the Internet to the router's public IP. Try PPTP first. L2TP with IPSec
can
> be pretty tricky, unless you are up to speed on IPSec and certificates.
>
> If you really want to use two NICs in the server, you will need to
> reconfigure your LAN so that the server is the default gateway of your
LAN.
> The "private" NIC of the server becomes the LAN gateway, and the other NIC
> becomes the "public" connection. Only this NIC connects to the router. The
> server-router link must be in a different subnet from the LAN (more like a
> DMZ).
>
> "DougB" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > I have a DLink router forwarding ipsec and pptp packets to my Domain
> > Controller/DNS/DHCP server. I tried to add VPN to the server but it
would
> > not setup with only one NIC, so I added an additional NIC but this only
> > shutdown DHCP assignments. HELP!
> >
> >
>
>

Then disable one NIC and run the setup wizard for a remote access server.
Test it locally, and when it works, try port forwarding from the router and
connect from the Internet.

"DougB" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks, I understand the security risks, but this is a test scenario. I
> would prefer one NIC but i had the vpn configuration stop because i only
had
> one NIC so I added another. One or two doesn't matter I just need to get
it
> working.
>
> "Bill Grant" <not.available@online> wrote in message
> news:(E-Mail Removed)...
> > First a warning. It is not a great idea to set up your first/only DC
as
> a
> > VPN server. As soon a a remote client connects, your server becomes
> > multihomed, and you get all sorts of Netbios and DNS name problems plus
> > browsing problems on the LAN. See KB 292822.
> >
> > Do not put two NICs in the server. That just complicates things. If
> you
> > must use your DC as a remote access server, set it up as a remote access
> > server with one NIC. Check the config by connecting to it from another
LAN
> > client.
> >
> > When this works, set up your port forwarding and try to connect
> through
> > the Internet to the router's public IP. Try PPTP first. L2TP with IPSec
> can
> > be pretty tricky, unless you are up to speed on IPSec and certificates.
> >
> > If you really want to use two NICs in the server, you will need to
> > reconfigure your LAN so that the server is the default gateway of your
> LAN.
> > The "private" NIC of the server becomes the LAN gateway, and the other
NIC
> > becomes the "public" connection. Only this NIC connects to the router.
The
> > server-router link must be in a different subnet from the LAN (more like
a
> > DMZ).
> >
> > "DougB" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> > > I have a DLink router forwarding ipsec and pptp packets to my Domain
> > > Controller/DNS/DHCP server. I tried to add VPN to the server but it
> would
> > > not setup with only one NIC, so I added an additional NIC but this
only
> > > shutdown DHCP assignments. HELP!
> > >
> > >
> >
> >
>
>