What would be better, continue using the router then do port forwarding, which I'm still not sure of or get rid of the router and use the two NICs, one for the terminal server and the other for the share to the internet? Do I assign a static IP with the sub net of the private range or use the static IP I have and set the server as a DNS server also? I have been reading some on the net and it is getting more and more confusing all the while. If I go the two NIC route, I still need some kind of firewall to keep all but what I want out making it more complicated but necessary. Do I need to then share the connection from that NIC so that not only the server can see the Internet but also the terminals need to see out.
-----Original Message----- From: hardware-boun...@hardwaregroup.com [mailto:hardware-boun...@hardwaregroup.com] On Behalf Of Christopher Fisk Sent: Thursday, February 05, 2009 1:03 PM To: hardware@hardwaregroup.com Subject: Re: [H] VPN problems On Thu, 5 Feb 2009, mark.dodge wrote: > I have one Windows 2003 server running Terminal Services set up in each of > three offices that I would like to get into from the outside world, one to > be able to do some admin stuff without having to go to each office and > another for the owner to be able to look at the cameras hooked up to each > store. I have attempted to use VPN to do this and although I can ping the IP > address I cannot log into the server. What are some things I need to look > for? I have two NICs in the server one for terminal services internal and > one for the vpn. The one office I am doing this at first has a static IP > address and I have set the router to do vpn pass-through or at least I think > I have it right. The router is a D-Link DI 808HV. I'll be honest I think I > bit off more than I can chew on this project I can set up internal LANs but > not much experience with getting them seen from outside, most of the time it > is preventing access from outside baddies. I also need later to set up a > cluster outside of the offices for fail safe and backup of all three > servers, but that is another project altogether that I am still doing > research on. I have to be able currently for the owner to log into either of > the servers and see an app that is running on them to see if and when he has > appointments and to do end of day and week and monthly reports, etc. and > then also to check on the cameras, and of course for me to add or delete > users and so forth, They all are working as Terminal Servers just fine > within each office, so at least I got that right. Is the subnet you are on the same as the remote subnet? (I.E. 192.168.0.0/24 at your computer and the same subnet at the office?). That can cause routing issues with certain VPN software (Other software is smart enough to get around that.) Also with multiple NIC's in the server you might be running into a routing issue. Less likely if you're able to ping, but sometimes the VPN software will respond to pings no matter what (very annoying) Christopher Fisk -- Leela: Oh no, there's no exhaust pipe. Project Satan: That's right. Thanks to Ed Begley Jr.'s electric motor, the most evil propulsion system ever conceived! -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
