none
SBS 2008 - 2008 R2 site to site VPN Issue.

    Question

  • Hello All ,

    I have a SBS 2008 box that I want to add another server for remote site ( 2008 standard). Currently VPN works fine on SBS and i can dial anywhere via pptp and join network.

    I have added RRAS role to new 2008 server at branch office. Configured demand dial , since VPN was already running on SBS , I have just added demand-dial and route. Both servers have mathing usernames to their dial interfaces, when I connect from branch to SBS , it just connects in seconds , get the IP , and routes are added , when i check the SBS it appears as unreachable , when try to connect manually i either get RRAS error 0 or a pop up says the modem is already in use or not configured properly.

    Appreciate if someone can advice as I have already spend 2 days on this .

    Thanx
    Thursday, July 04, 2013 7:41 AM

Answers

  • Hi:

    Best advice is to let the routers handle the VPN.  Much easier to configure and more stable, secure and robust.  I would not even attempt what you are wanting to do.  As you point out you have spent two days on it while with matching routers it is trivial.

    Having said that, be sure that the networks are in different subnets.  That is:  Main office 192.168.16.x, remote office 192.168.44.x, or any such, so long as they are different.


    Larry Struckmeyer[SBS-MVP]

    Thursday, July 04, 2013 10:00 AM
    Moderator

All replies

  • Hi:

    Best advice is to let the routers handle the VPN.  Much easier to configure and more stable, secure and robust.  I would not even attempt what you are wanting to do.  As you point out you have spent two days on it while with matching routers it is trivial.

    Having said that, be sure that the networks are in different subnets.  That is:  Main office 192.168.16.x, remote office 192.168.44.x, or any such, so long as they are different.


    Larry Struckmeyer[SBS-MVP]

    Thursday, July 04, 2013 10:00 AM
    Moderator
  • Hello Larry ,

    Router based was the initial plan but until we got the sonicwall or ciscos , wanted to setup so can get the things running . One thing for sure is the subnets are diffrent , i have created the port forwards , and successfully connect to port 1723 , i can see that port is on listening state from netstat but still no luck.

    Thursday, July 04, 2013 3:21 PM
  • Existing routers or modems or whatever is at the edge allows GRE?  Best to check the manual.

    Larry Struckmeyer[SBS-MVP]

    Thursday, July 04, 2013 3:41 PM
    Moderator
  • both has VPN Bypass for PPTP and L2TP , from the router i can also see that GRE Protocoll  packets are accepted.
    Thursday, July 04, 2013 3:43 PM