Phillip, thanks for your answer. I should have realized I needed to be more
specific on current setup.

Main office is running behind a WatchGuard connected to the Internet. It has
a public IP and all internal machines have private IPs (192.168.1.X).
There's a domain with a DC and a BDC on W2k servers, also running AD. We're
connecting to branch 2 via public Internet, going out through the firewall using
a cable modem connection, and home office has a fixed public IP; branch 2 is on
an ADSL line with a fixed public IP, and machine and printer are on private
IPs, NATted (range 192.168.1.X).

We're connecting to branch 1 from home office only for now, from one of our
switches (hubs) at home office to a Gandalf router connected to dedicated
ISDN lines, always open (it's not long distance). Home network side of home
Gandalf has a private IP, public fixed IP, and same at branch 1 (Gandalf) to
hub to computers with private IP address range (192.168.1.X). As I think of
them (and I may be wrong), I consider the route across the Gandalfs in the
same way as I would a simple cable between two switches, except that it's
slower. In practical terms I notice that I can't have duplicate private IP
addresses at home office and at branch 1, and I don't think that that's good.

I think they should get away from using ISDN and switch over to ADSL (cable
is not available at branch 1, nor is any other high speed connection, at
least at a reasonable price for a small co.). I would think of setting up the
branch 1 office behind a WatchGuard router with a fixed public IP and
private internal IPs for the computers and printers there. A couple of
years back they had ADSL installed but the owner did not want to give up the
ISDNs until it was proven to him that the ADSL would work reliably.
Unfortunately, at that time it was not satisfactory (not my fault, we didn't
do that install, the service provider did and screwed it up). So not sure if
we can get him to move away from ISDN, I doubt it.

One of the problems is that they have a Unix box that prints to branch 1
from a Unix prog we don't control, but we know it goes over the ISDN wires.
I don't know how that Unix printing would be affected by moving to ADSL and
a VPN. That's just one of the things I'm trying to get a handle on without
any collaboration from the guys who installed the program. Oh well.

In any case, Phillip, thanks for taking the time to answer. If you have any
other insights I would really appreciate them.
Bob

"Phillip Windell" wrote in message:
>
> "Bob" wrote in message:
>
>> We are now thinking of installing an ISA server 2004 at the main office and
>> implement a VPN. To print as described above, do we also need to install an
>> ISA server at the site that has a small LAN? I know we can print now (we're
>> doing it without a VPN) to all sites, however I wonder if a VPN changes
>> anything in this regard.
>
> Impossible to answer. You have never indicated by what means these networks
> connect to each other now. There is a huge difference between doing it over
> private lease lines with RFC Private IP#s or over the Public Internet with
> all machines using Public IP# or by running NAT Devices at each site so they
> use private IP#s and use VPN to jump the NAT Devices. You could easily
> already have a very bad design that is "unworkable" and will have to be
> totally restructured.
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
> -----------------------------------------------------
> Understanding the ISA 2004 Access Rule Processing
> http://www.isaserver.org/articles/IS...cessRules.html
>
> Microsoft Internet Security & Acceleration Server: Guidance
> http://www.microsoft.com/isaserver/t...dance/2004.asp
> http://www.microsoft.com/isaserver/t...dance/2000.asp
>
> Microsoft Internet Security & Acceleration Server: Partners
> http://www.microsoft.com/isaserver/partners/default.asp
> -----------------------------------------------------