newbie VPN questions

What is the easiest way to have to different remote
offices form a secure network over the Internet. I have
a LAN in CT and LAN in VA and I want them to look like
one network to users on both sides. This is what my
networks consist of... CT= Windows Server 2003 Server AD
Network with the DC running DNS. The D-Link DI-604
Router runs DHCP and the Firewall and supports VPN
passthough. All workstations in CT run XP Pro. VA=
Workgroup of about 10 computers all running XP Pro
connected to each other via a couple switches and the
same D-Link router as CT. I was thinking maybe I could
do some kind of VPN connection to the 2003 server in CT.
But I want it to be as transparent as possible with the
smallest amount of money spent. I was thinking about to
implementing a router-to-router (r-t-r)VPN but haven't
heard about how nicely this works. I also wanted to know
if R-t-R VPN's are fully automated or does a user have to
do something every time they want to connect. And can
you connect one router that supports r-t-r but to a
Windows Server? One last question is, what exactly is
site-to-site VPN and would it work for me? Thanks in
advance and feel free to email me if you wish. -Lydell
(E-Mail Removed) but remove
the "nospam."

"Precision" <(E-Mail Removed)> wrote in message
news:073e01c46db2$c1f34b50$(E-Mail Removed)...
> What is the easiest way to have to different remote
> offices form a secure network over the Internet. I have
> a LAN in CT and LAN in VA and I want them to look like
> one network to users on both sides. This is what my
> networks consist of... CT= Windows Server 2003 Server AD
> Network with the DC running DNS. The D-Link DI-604
> Router runs DHCP and the Firewall and supports VPN
> passthough.

"Router-to-Router VPN" is the only good way to do it to accomplish your
stated goals. Since the D-Link boxes probably cannot behave as VPN Servers
themselves, you probably will have to use their VPN Pass-through ability and
do it with Windows Server boxes at each site. These articals describe the
process:

Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site
VPNs
http://www.microsoft.com/technet/pro.../vpndpls2.mspx

Virtual Private Networking with Windows 2000: Deploying Router-to-Router
VPNs
http://www.microsoft.com/windows2000...eplyr2rvpn.asp


--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Please repost Phillip Windell, your message didnt go
through.

I wouldn't use Microsoft for VPN buliding.. Spend the
money and buy VPN/Firewall Appliances (netscreen,
Watchguard, Check point etc.)

Much easier to deal with and offer more simplicity.


>-----Original Message-----
>Please repost Phillip Windell, your message didnt go
>through.
>.
>

The only problem with that is that I don't have the money
to spend. Any answers to my questions?

"Precision" <(E-Mail Removed)> wrote in message
news:073e01c46db2$c1f34b50$(E-Mail Removed)...
> What is the easiest way to have to different remote
> offices form a secure network over the Internet. I have
> a LAN in CT and LAN in VA and I want them to look like
> one network to users on both sides. This is what my
> networks consist of... CT= Windows Server 2003 Server AD
> Network with the DC running DNS. The D-Link DI-604
> Router runs DHCP and the Firewall and supports VPN
> passthough.

"Router-to-Router VPN" is the only good way to do it to accomplish your
stated goals. Since the D-Link boxes probably cannot behave as VPN Servers
themselves, you probably will have to use their VPN Pass-through ability and
do it with Windows Server boxes at each site. These articals describe the
process:

Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site
VPNs
http://www.microsoft.com/technet/pro.../vpndpls2.mspx

Virtual Private Networking with Windows 2000: Deploying Router-to-Router
VPNs
http://www.microsoft.com/windows2000...eplyr2rvpn.asp


--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Buying a new server is gonna cost me a good chunk of
money. Anything else?

"Precision" <(E-Mail Removed)> wrote in message
news:014401c46dd4$63cd9bd0$(E-Mail Removed)...
> Buying a new server is gonna cost me a good chunk of
> money. Anything else?

Manual typewriter, abacus, pencils & pencil sharpener, postage stamps :-)

Well, I think a VPN Appliance would be cheaper than a Computer when you
figure the cost of the hardware and the OS to put on it.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Even if money is tight, trying to use your primary domain controller as
a router is not recommended. As soon as you make it a RRAS server you will
get browsing and name resolution problems. Separate VPN routers are highly
recommended, even if they are RRAS routers. And satisfactory VPN appliances
should be cheaper than RRAS servers.

"Phillip Windell" <@.> wrote in message
news:#(E-Mail Removed)...
> "Precision" <(E-Mail Removed)> wrote in message
> news:014401c46dd4$63cd9bd0$(E-Mail Removed)...
> > Buying a new server is gonna cost me a good chunk of
> > money. Anything else?
>
> Manual typewriter, abacus, pencils & pencil sharpener, postage stamps :-)
>
> Well, I think a VPN Appliance would be cheaper than a Computer when you
> figure the cost of the hardware and the OS to put on it.
>
> --
>
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>