Hi guys, long time no see!
I am currently working in the middle of outback Australia. I am the only doctor in 30,000 km² and cover a multitude of sites. I've had to establish the IT infrastructure from the ground up and have no-one locally that I can bounce ideas off. I am currently trying to find a way to make the networking administration more streamlined so that it doesn't occupy so much of my time.
I have a central office with a dozen or so computers bound to a Windows Server 2012 R2 domain. I have the remote access and network policy services up and running more or less right. I can establish a connection to the server via PPTP but as yet have struggled with L2TP over IPSec using certificates. The latter I think is due to using Apple hardware offsite as the web enrollment service doesn't seem to give out valid machine certificates. I think I can connect fine using a pre-shared key. In any case, I've found LogMeIn to be a hassle-free and temporary solution.
I think that I would benefit from establishing a VPN tunnel between the two networks as configuring it at machine level is messy. I'd like to be able to remotely administer any machine from my given location. As that would also include home, I'd also need to hide my personal resources from prying eyes offsite. I think the sensible approach would be to establish a VPN tunnel at router level and have all hardware on the same domain. Our central site uses Cisco IP telephones and I am locked to a fairly crappy Netgear router (DEVG2020) with a static IP. The router does support using a VPN tunnel but only to a remote static IP address. I would need to map the tunnel endpoint through dynamic DNS. The router is connected to a Cisco SG300-10P managed switch.
My other sites use Billion 7800nxl routers which support VPN tunnels using a pre-shared key.
I have some questions about this setup if anyone can offer some guidance?
Would I be better managing the IP tunnel start point through Windows Server given that my router is quite basic?
If so, I've found RAAS and NPS to be a bit of a pig to use. Would you recommend a third-party front end or alternative?
Do all sites need to be using the same IP range? I can connect from 192.168.1.1/24 to 192.168.2.1/24 using a VPN connection at machine level, but I can't see any resources beyond that. I assume that is a gateway/routing issue...
Hope you're all well guys. It's good to see that you're all still here after all these years!
Thanks for the help!
Paddy