Q

Configure VPN from client via cable modem

Is it possible to configure a VPN connection from a client via cable modem that passes through an NT4 Server as it enters the network and terminates at a second (Win2K) server in the network? The first server (NT4) is the one with the external connection, but it's not set up with Terminal Services.
It is possible to do this, but you may need to make some changes to addressing. You don't need terminal services to make this work.

Enable IPsec server on the Win2K server.

  1. Enable the IPsec client on the executive's client PC.
  2. If the NT4 server is running Internet connection sharing and firewall, you will need to configure it to forward IPsec requests to the Win2K server.
  3. Set up the connectivity parameters between the PC client and the Win2K server.
    1. Set up the client PC to use the NT server's public IP address as the address of the IPsec server.
    2. Use shared secrets for authentication.
    3. Register the client with the IPsec server.
    4. Make sure that you enable UDP encapsulation of the IPsec packets so that ICS doesn't break the IPsec connection.
  4. Ping the outside address of the NT server from the client PC to make sure you have basic connectivity.
  5. Startup the IPSec client and establish connectivity through the NT server to the Win2K server.
This should work, but you may spend a lot of time tracking down various issues along the way. Alternatively, you may consider a low cost appliance so you don't need to mess around with your production servers.
Best,
Mark
This was first published in December 2002

Dig deeper on Network Access Control

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close