Today we’ll look at setting up a quick PPTP VPN from Server 2008 R2 with 1 network card.
Server Side (Server 2008 R2)
Head to Server Manager, right click and Add Role
Select Network Policy and Access Services
Select Routing and Remote Access Services, next, next until complete
Expand Roles, right click on routing and remote access and select configure
If you select “Remote Access” give the following error “Less than two network interfaces were detected on this machine. For standard VPN server configuration at least two network interfaces need to be installed
Select Custom Configuration to get around this, then select VPN Access
Right click Routing and remote access and select properties
Browse to the IPv4 tab and assign a static pool of IPs for the remote clients
Now load up ADUC (Active Directory Users and Computers) and double click the user you wish to give access
Select the Dial-in tab and set the Network Access permission to Allow Access
Client Side (Windows 7)
Head to Network and Sharing Center
Select Set up a new connection or network
Select Connect to a workplace
Select User my internet connection (VPN)
Enter the IP/Host of the VPN server you configured earlier, give the connection a friendly names
Enter the username, password and domain
Click Skip before it tries to connect (if this is a remote system it will cut you off, you can get around this by disconnecting the client from the RRAS interface)
Click Change adapter Settings in the main Network and sharing Center
Right click the VPN connection you just created and select properties
Go to Networking, IPv4, Properties, Advanced and unselect Use default gateway on remote computer
You should be ready to connect!
Enable forwarding for TCP Port 1723 (PPTP) to your 2008 R2 Server
Watchguard Fireware Pro provides you the ability to load balance multiple WAN connections with various types of failover/multi-wan settings.
The multi-wan modes are round-robin, failover, interface overflow and routing table. Let’s dig a little into what these mean:
The Firebox uses the average of sent (TX) and received (RX) traffic to balance the traffic load across all external interfaces you specify in your round-robin configuration. By default the weighting of each interface is 1 (equal). If you open Hostwatch you should see all outbound connections nicely distributed over x interfaces.
When you use failover mode you allocate one interface as your primary and the others become backups, think active/passive. When the primary line fails, it will send all traffic to the next external interface in the configuration whilst continually monitoring the primary line. When this interface is back up it will automatically fall back to using the primary interface.
As the name suggests this will use a single interface until it meets a set threshold, when this condition is met it will start using the next external interface in the configuration. If the first interface fails without overflowing, it will failover to the next interface , which places this nicely between failover and round robin. Continue reading