Site to site VPN using RRAS from an untrusted network?

Posted by DrZaiusApeLord on Server Fault See other posts from Server Fault or by DrZaiusApeLord
Published on 2010-05-17T16:01:03Z Indexed on 2010/05/17 16:11 UTC
Read the original article Hit count: 353

Filed under:

site-to-site-vpn

Our remote office will be moving to a new space where internet will be provided. They'll be behind a router doing NAT (I do not have admin rights to this router). They will be sharing a printer with the other people on the LAN, but will need VPN to our network for email and file shares.

I was thinking of just having them run the windows VPN client and connecting via PPTP like they do when they are off-site, but I have read that multiple PPTP connections from the same NAT'd address to the same destination doesn't work well or at all.

I am thinking some kind of site-to-site VPN is needed so there is just one tunnel. Can I just put in a VPN gateway, set it to connect to our RRAS/PPTP server, and have them use it as their default gateway? Perhaps even use the local default gateway for internet traffic. If so, what VPN gateway/device is recommended for this?

Or other solutions? Thanks.

Related posts about site-to-site-vpn

Router for creating site to site VPN to server provider using Cisco ASA 5540

as seen on Server Fault - Search for 'Server Fault'
We have dedicated servers hosted for us by a third party, we connect to these over a VPN. My server provider uses Cisco ASA 5540 as VPN devices. Currently we're using software clients on individual machines to connect to this VPN, either: Cisco VPN Client Shrew Soft VPN Connect However, I'm looking… >>> More
Site-to-site VPN using MD5 instead of SHA and getting regular disconnection

as seen on Server Fault - Search for 'Server Fault'
We are experiencing some strange behavior with a site-to-site IPsec VPN that goes down about every week for 30 minutes (Iam told 30 minutes exactly). I don't have access to the logs, so it's difficult to troubleshoot. What is also strange is that the two VPN devices are set to use SHA hash algorithm… >>> More
Site to Site VPN with Rails

as seen on Stack Overflow - Search for 'Stack Overflow'
First of I'm very sorry but this questions is not so so specific. All I am looking for is a tutorial or a resource for creating a site-to-site VPN. Actually, I not even sure if that is what I should call it. I live in China and I want to access youtube and stuff. And I don't want to buy a proxy service… >>> More
Cisco: Site-to-site VPN with cisco 878 and ASA weirdness

as seen on Server Fault - Search for 'Server Fault'
I currently have 2 sites, both connected to each other through 2 firewalls / routers in a site-to-site VPN. Pinging from server to server (Using 2mb/2mb SDSL) through that VPN obviously works, however, at one site, we have another internet connection (7m/400k ADSL), and only the link between the two… >>> More
Site to Site VPN with Fault Tolerence

as seen on Server Fault - Search for 'Server Fault'
Hello, I have a situation where I require an IPSEC tunnel between two sites. Site 2 is a small branch office with basic (ADSL) connectivity and Site 1 is the "main" office with SDSL and ADSL for redundancy should the SDSL fail. From Site 1, all traffic bound for the 172.0.0.0 network will then be… >>> More

Developer IT