Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Site to Site VPN

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> VPN >> Site to Site VPN Page: [1]
Login
Message << Older Topic   Newer Topic >>
Site to Site VPN - 20.Nov.2008 10:54:40 AM   
solomin

 

Posts: 5
Joined: 28.Mar.2007
Status: offline 		Hello,

My company is currently running ISA server 2006 SE on a Windows 2003 server. Everything works fine. Our company uses a 2003 Acvtive directory network. Remote users connect to the office via VPN client. Our company has 70 employees.

Everything seems to be functioning okay.

However, my company will moving to a new location in the near futre, and I need to have both sites (old and new) running simultaneously until everyone is moved from the old location.

I beleive the best solution would be to install a second ISA server 2006 SE at the new location and set up a site to site VPN rather than have individual clients connect.

I am not certain how to proceed with the configuration.

In terms of the subnet at each location, am I able to use the same range (subnet) and jsut ensure that no two computers have the same (internal) ip  address? If so, how would the system know to go the site and not stay local?

My understanding is that Iwould have to define unique subnets for each location. Is this correct?

Any suggestions / recommendations would be greatly appreciated.

Thanks,

Mark
Post #: 1
RE: Site to Site VPN - 20.Nov.2008 12:54:20 PM   
IanC

 

Posts: 237
Joined: 11.Jul.2007
From: UK
Status: offline 		Hi Mark,

Yes, they should be different subnets so that IP can route the traffic.

Ian

_____________________________

Ian Currie

http://www.curriecomputing.com

Approved supplier - nAppliance(UK)
http://www.apdh64.dsl.pipex.com/currie/products.html
ISA Server 2006 SP1 3-day workshop
http://www.apdh64.dsl.pipex.com/currie/learning.html

(in reply to solomin)
Post #: 2
RE: Site to Site VPN - 22.Nov.2008 10:19:12 PM   
paulo.oliveira

 

Posts: 911
Joined: 3.Jan.2008
From: Amazonas, Brazil
Status: offline
quote:

ORIGINAL: IanC

Hi Mark,

Yes, they should be different subnets so that IP can route the traffic.

Ian


After you do the Ianīs advice you just need to use the VPN wizard to setup the site-to-site vpn.

Regards,
Paulo Oliveira.

(in reply to IanC)
Post #: 3
RE: Site to Site VPN - 25.Nov.2008 12:05:59 PM   
adimcev

 

Posts: 85
Joined: 19.Oct.2008
Status: offline 		Maybe in the future, if Microsoft would want, they will make this scenario working, either with proxy ARP or with NAT(so that even computers with the same IP address to be able to talk to each other, of course, if NAT does not break communications).

In the mean time, if "no two computers have the same (internal) ip address", you may try to use the VPN server on the new ISA and make the old office computers VPN clients. The same subnet scenario is feasible in this case.

Adrian

_____________________________

Blog: http://www.carbonwind.net/blog

Get Our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to paulo.oliveira)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> VPN >> Site to Site VPN Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts