I'm a little new to the whole VPN, Firewall game, so I hope one of the
experts out there can help me out..

We have 7 offices total, 3 major offices with 4 smaller sales branches..  We
have an agenda to have us all working together on a secured LAN/WAN via
VPNs.   I have 3 Checkpoint firewalls ready to be dropped into the major
centers, but budgets will not allow us to purchase any more of these suckers
for the other 4 offices at this time..   We run a Windows 2000 network with
a singular domain..  At our offices with firewalls we've been using the
Checkpoint as a gateway with hiding NAT translations..  Exchange servers
protected in the LAN, with an SMTP service routed through..  I have handed
out non-routable networks to all the offices and have ensured that none of
our offices will be using the same network address..  IE..  192.168.0.x
then 192.168.10.x then 192.168.20.x

On to the implementation problems..
Setting up Server to Server VPN via Checkpoint seems relatively
straightforward.  So between London and Guelph we can go Checkpoint to Checkpoint
VPN.  I'm now unsure how to bring Colorado in. If we drop another Checkpoint
into Colorado, do I then need to set up Server to Server VPNs to both London
and Guelph for redundancy?  If there were 10 offices, that would mean 100
VPN connections, is this the correct way to go about things?

Next problem is we are running Windows 2000 servers at the remaining 4
locations. Will a Microsoft VPN server be able to talk and set up a MS2k VPN
to Checkpoint VPN network to network encryption??  If yes, how do I set that
up?  If not, what are my options for getting the other 4 offices securely
connected as one..

The problem we are having is with Active Directory requiring us to run
internal DNS's and Internal number replications (all non-routable addresses)
we need to get this private network infrastructure set up, before we can
even get our Active Directory and Exchange servers replicating..  There was
a trial to get it working 2 offices firewalled and VPN'd and the other 5
with normal IPs unprotected, but because DNS has to sync, and our internal
DNS's are completely separate from the external world, non-routable
addresses replicated into the outside DNS's and it's just way too messy and I
think impossible to work..

So in a nutshell, we need to set up 7 offices in a private network, we have a
total of 3 Checkpoint servers and would like to use Microsoft's Win2k VPN to
integrate the remaining 4 offices.  We need to have all internal networks be
able to find each other across the LAN so that Active Directory and Exchange
can replicate..

Thanks..  any help would be greatly appreciated, this is the first time I'm
setting up a system this big..  
  

