none
IP Guidance help required

    Question

  • I have inherited a new client who has the following setup, BT Infinity, Vigorpro 5510, and SBS 2011 server. I'm try to setup a VPN connection but keeps failing. I suspect it could be to the way it is currently setup, can anyone review the following setup, and help identify any problems.

    The configuration is as follows:-

    BT Infinity ASDL modem:-
    dhcp switched off
    ip addr 192.168.1.254
    static ip 8x.xx.xx.xx

    Vigorpro 5510:-
    Wan 1 IP - 192.168.1.200
    sub mask - 255.255.255.0
    Gateway IP - 192.168.1.254
    primary IP - 192.168.1.254

    Wan 2 - Not configured

    Lan 1st IP - 192.168.16.1
    1st submask - 255.255.255.0

    sbs 2011 
    IP 192.168.16.254
    submask 255.255.255.0
    def gateway 192.168.16.1
    Pref DNS 192.168.16.254

    PC assigned IP from sbs 2011

    Also, where should the BT Static IP address be referenced any where on the draytek.

    The server has a second NIC, should I configure as:

    NIC 1 - Vigorpro 5510, BT Infinity ASDL modem, to internet

    NIC 2 - Netgear 16-port hub, client PC, network printers

    I would appreciate any feedback, thanks in advance. 

    Monday, July 15, 2013 10:09 AM

Answers

  • The most common cause of VPN failure is having the same subnet on both ends.  But I am not a fan of VPN to server, indeed of VPN in general.  It exposes the server, and therefore the entire LAN to whatever malware exists on the remote pc.

    Better is router to router or mobile client to router, but even better is RWA and access a pc or server running terminal services/RDS inside the LAN.


    Larry Struckmeyer[SBS-MVP] If your question is answered, please mark the response as the answer so that others can benefit.

    Wednesday, July 17, 2013 2:30 AM

All replies

  • The most common cause of VPN failure is having the same subnet on both ends.  But I am not a fan of VPN to server, indeed of VPN in general.  It exposes the server, and therefore the entire LAN to whatever malware exists on the remote pc.

    Better is router to router or mobile client to router, but even better is RWA and access a pc or server running terminal services/RDS inside the LAN.


    Larry Struckmeyer[SBS-MVP] If your question is answered, please mark the response as the answer so that others can benefit.

    Wednesday, July 17, 2013 2:30 AM
  • Hi, This issues has not been resolved, i'm still unable to establish a VPN connection based on configuration mentioned. I have forwarded all required ports on the Vigorpro 5510. But still hitting the brick wall.

    Read the VigorPro 5510 documentation

    Any points of guidance would be appreciated.

    Monday, July 29, 2013 8:16 AM