General discussion

Locked

Ed Bott's Microsoft Challenge--4/6/2000

By ebott ·
OK, I've settled on VPN, and I need your help once again. My small (10 users) network accesses the Internet through a 1 Mbps DSL line and Microsoft's Proxy Server. Where do I go from here? What kind of mistakes am I likely to make? Help me avoid thepitfalls and get my VPN running smoothly, securely, and as quickly as possible. The best suggestions (and confessions, if you've learned the hard way) will appear in my next column.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by scubajeff2 In reply to Ed Bott's Microsoft Chall ...

I would definitely upgrade to W2K first, purchase CheckPoint's VPN software, and save a few headaches, although you will spend a few more IT dollars up front, it's easy to configure and runs well.
I would suggest avoidance of a linux configured system as a vpn gateway due to the small amount of users and the support necessary to maintain and configure it.
I (oops) missed the case history.

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by skiptheb In reply to Ed Bott's Microsoft Chall ...

Ed, just finished installing the same here in Andover, MA at an internet startup. I am using W2K and a 1.1Mbps DSL. I chose not to use the proxy server from msoft though. I went with a netscreen firewall for better control of the ports and also to use mapped IP's to my servers. The VPN works great (once I got the subnet details right from my ISP, they seemed new to this too), my only problem was that Outlook had to be closed before making the connection. After connecting I can open outlook and it synchs and runs great. Name resolution is also working (I can browse the network using server names in Explorer). My mapped drives (f:= servername/D$) were a little problem, but I found that I could remap them and they worked fine.

I have been wanting to install a VPN solution now for two years, it took me this long to find a firm that was on-board with the cost justification.

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by mouim In reply to Ed Bott's Microsoft Chall ...

The First mistake you may encounter is to use Microsoft's version of PPTP for your VPN. Although free with NT it does have it's draw backs. IPSec is not supported and because of that you would want to put the VPN server in a DMZ Zone. For 10 users you are already talking about too much administration in my opinion. Since you are currently using a DSL for Internet access, I would suggest getting something like a DSL Pipeline Router with built-in VPN capabilities and Firewall protection. These units can easily be purchase for under a $1000 which is even less than a scalled down server.

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by brdall In reply to Ed Bott's Microsoft Chall ...

We're in the middle of implementation right now. We tried the NT PPTP solution and rejected it. It's slow (fat protocol) and not always reliable. We're switching to the Cisco PIX with IPSec clients. Somewhat expensive and not real easy to setup on the host end, but faster and actually the client setup is much easier.

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by jokeman In reply to Ed Bott's Microsoft Chall ...

setup the proxy server accordingly... make sure u have blocked the correct tcp/ip and udp traffic.. also with ipx/spx...

as far as operationg system goes stiuck with nt since its been around for a while, even though win 2000 is more secure it will probably be buggy...... also i would suggest using unix as a operating system much more stable..... harder support but worth it...

good luck

Collapse -

Ed Bott's Microsoft Challenge--4/6/2000

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Related Discussions

Related Forums