DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Site-Site VPN + Client - looking for some advi

  • basmistry
  • Topic Author
  • Offline
  • New Member
  • New Member
More
19 Jan 2014 12:58 #78776 by basmistry
I've not setup Site-Site VPN before so looking for some advice.

Router A - IP Address 192.168.2.x with DHCP - Main Site with Windows 2012 Server (DHCP provide by Router)
Router B - IP Address 192.168.1.x with DHCP - no server just 3-4 userver with Notebooks but need to grow this to about 10 users and a Server

Both sites have VPN > Remote Access Control > Enable PPTP VPN Service is OFF
to allow Windows VPN pass-thru

I now need to add a Windows 2012 Server Site B and setup LAN to LAN VPN
The Server will be using Static 192.168.2.5 address

Home Workers need to access via their Notebooks using Windows VPN

so Users at Site B will use Site-Site VPN
Home users with use Windows VPN


Do I need to TRUN OFF the DHCP at site B (on 192.168.1.x) so that users will get 192.168.2.x range ?
or do I need to move the DHCP role to the Windows server ?

Can anyone see a problem with all this?
is there a better way to do this ?

Please Log in or Create an account to join the conversation.

More
22 Jan 2014 11:54 #78803 by sicon
Hi
Switch off DHCP and the routers and add the role to the 2012 Servers.

Create a IPsec LAN to LAN between both sites

Do not put the Site B Server on a Site A IP address.

install Routing and Remote Access on the 2012 servers and switch off PPTP in the Drayteks.

If you cant do the RAS on the servers then set up the users on the Drayteks and let them do Windows VPN to them they will still pick up an IP Address from the DHCP on the 2012 servers.

When you have Windows servers is not really best practice to do DHCP on the routers.

Please Log in or Create an account to join the conversation.

Moderators: Sami