VPN Out through RRAS ????

I have a small network at home running SBS2003. I have a
work laptop that I use to VPN to work.
Currently I have the DSL Router, connected to a Multi-
homed SBS2003 Server which then connects to my internal
network. I have to connect the Laptop directly to the
DSL Router for VPN to work.

I would like to, for a number of reasons, connect the
Laptop to the internal network. Then use RRAS to allow
me to VPN to work through the Server.

Can this be done ???
How do I configure the static route, using the laptops IP
address, or the VPN IP ??
I can have DHCP hand out whatever address to the laptop.

Would I need a special IP Address for the laptop
..

Because you have both the duel-home SBS Server and the DSL Router you have
effectively created a "Back-to-Back DMZ between the SBS and the Router. This
prevents it from working and is why you have to plug the Laptop into the
Router (the DMZ) to work.

If you don't have a specific reason to have the Back-toBack DMZ, I suggest
replacing the DSL Router with the SBS Server itself. The SBS Server would
"provide" the Internet connection to the other machines and would itself
connect to the Internet via a DSL Modem (not Router).

Then if SBS is sharing the Internet connection using RRAS/NAT your Laptop
would VPN fine from behind it. If your variation of SBS has ISA Server on
it, then the Laptop would have to function as a SecureNAT Client to ISA
before it would be able to generate its own VPN outgoing connection.

If you need to keep the DMZ, then you may just have to keep doing it the way
that you are.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


"Kevin K" <(E-Mail Removed)> wrote in message
news:1cc5401c452f2$0c5fe170$(E-Mail Removed)...
> I have a small network at home running SBS2003. I have a
> work laptop that I use to VPN to work.
> Currently I have the DSL Router, connected to a Multi-
> homed SBS2003 Server which then connects to my internal
> network. I have to connect the Laptop directly to the
> DSL Router for VPN to work.
>
> I would like to, for a number of reasons, connect the
> Laptop to the internal network. Then use RRAS to allow
> me to VPN to work through the Server.
>
> Can this be done ???
> How do I configure the static route, using the laptops IP
> address, or the VPN IP ??
> I can have DHCP hand out whatever address to the laptop.
>
> Would I need a special IP Address for the laptop
> .
>
>

Thanks for the input.

Unfortunately, at least for now, I actually have iDSL so
I think I need the DSL Router which is also a modem (?).

I also set things up like this to give me an added
security blanket. It would probably be pretty tough to
hack into my network. I had just hoped to move the
router elswhere.

Thanks again.


>-----Original Message-----
>Because you have both the duel-home SBS Server and the
DSL Router you have
>effectively created a "Back-to-Back DMZ between the SBS
and the Router. This
>prevents it from working and is why you have to plug the
Laptop into the
>Router (the DMZ) to work.
>
>If you don't have a specific reason to have the Back-
toBack DMZ, I suggest
>replacing the DSL Router with the SBS Server itself.
The SBS Server would
>"provide" the Internet connection to the other machines
and would itself
>connect to the Internet via a DSL Modem (not Router).
>
>Then if SBS is sharing the Internet connection using
RRAS/NAT your Laptop
>would VPN fine from behind it. If your variation of SBS
has ISA Server on
>it, then the Laptop would have to function as a
SecureNAT Client to ISA
>before it would be able to generate its own VPN outgoing
connection.
>
>If you need to keep the DMZ, then you may just have to
keep doing it the way
>that you are.
>
>--
>
>Phillip Windell [MCP, MVP, CCNA]
>www.wandtv.com
>
>
>"Kevin K" <(E-Mail Removed)> wrote in
message
>news:1cc5401c452f2$0c5fe170$(E-Mail Removed)...
>> I have a small network at home running SBS2003. I have
a
>> work laptop that I use to VPN to work.
>> Currently I have the DSL Router, connected to a Multi-
>> homed SBS2003 Server which then connects to my internal
>> network. I have to connect the Laptop directly to the
>> DSL Router for VPN to work.
>>
>> I would like to, for a number of reasons, connect the
>> Laptop to the internal network. Then use RRAS to
allow
>> me to VPN to work through the Server.
>>
>> Can this be done ???
>> How do I configure the static route, using the laptops
IP
>> address, or the VPN IP ??
>> I can have DHCP hand out whatever address to the
laptop.
>>
>> Would I need a special IP Address for the laptop
>> .
>>
>>
>
>
>.
>

"Kevin K" <(E-Mail Removed)> wrote in message
news:1de0801c4548d$955787c0$(E-Mail Removed)...
> Unfortunately, at least for now, I actually have iDSL so
> I think I need the DSL Router which is also a modem (?).

Yes, they can be built into the same device.

> I also set things up like this to give me an added
> security blanket. It would probably be pretty tough to
> hack into my network. I had just hoped to move the

Well, security is more than NAT Boxes and DMZs. DMZs have their place but I
believe you can be secure without them. Anyway, I believe what I described
is what you are dealing with and I don't know of a good way around that with
your type of equipment. Equipment that is more "comercial grade" may have
ways to work it out, but it involves working with the vendor that produced
them to deal with their often proprietary ways of doing things, and even
then I don't readily know of a way to handle this even with that.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com