purge11
New Member
Posts: 2
Joined: Sun Jul 01, 2012 11:22 am

Site to Site VPN

Sun Jul 01, 2012 11:24 am

Hello,

I want to create a site to site using a Windows 2008 DC at both sites, mainly for Active Directory replication.
I have a Cisco SRP527W model which has some options for VPN. My question is: can the router act as the VPN server, or do I have to configure a Windows server to do all the VPN configuration?

On the Cisco router, all the VPN passthrough options are enabled, these being PPTP, IPsec and L2TP. No site to site IPsec policies are defined as yet, though.

So if creating a Windows 2008 DC at the other site, do I need to configure VPN on the server or just the Cisco router alone?

As far as I know, these are the steps:

1. Set RRAS server
2. Set up VPN policies on both routers
3. Set up primary DC at HQ
4. Set up an additional DC at HQ
5. Move additional DC to branch site
6. Ping primary DC over VPN
7. Change IP address of secondary DC and wait for replication

Thanks

kerpap
Ultimate Member
Posts: 765
Joined: Sun Jan 04, 2009 6:28 pm
Certs: CCNA, CCDA, CCNA-SECURITY

Re: Site to Site VPN

Tue Jul 03, 2012 9:39 pm

Just the router.

Set up the S2S VPN and set the interesting traffic to be that of the subnets that the servers are on.

That's about it.

The router will automatically route traffic through the VPN tunnel to each server.
Basically, let's say the server is on 192.168.10.0/24, server A is .1, server B is .2.
Any traffic on either router destined for that subnet/IP address will go through the tunnel.

I have to say that setting up a VPN in the CLI of a router is a bit complex. Easy to do in the CCP/SDM though.
CCNA, CCDA, CCNA-SECURITY
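
The interesting-traffic matching described in the reply above, as an added example that is not part of the original thread: a Python check that the two routers' selectors mirror each other and that a given packet would actually be sent into the tunnel. The subnets (192.168.10.0/24 for HQ, 192.168.20.0/24 for the branch), the policy lists and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample selectors (assumed addresses, not from the thread):
# each site lists (local subnet, remote subnet) pairs it sends into the tunnel.
HQ_POLICY = [("192.168.10.0/24", "192.168.20.0/24")]
BRANCH_POLICY = [("192.168.20.0/24", "192.168.10.0/24")]


def _nets(policy):
    """Parse (local, remote) CIDR strings into ip_network pairs."""
    return [(ipaddress.ip_network(l), ipaddress.ip_network(r)) for l, r in policy]


def check_policies(site_a, site_b):
    """Return problems that would keep the two routers from agreeing on a tunnel."""
    a, b = _nets(site_a), _nets(site_b)
    problems = []
    for name, mine, peer in (("A", a, b), ("B", b, a)):
        for local, remote in mine:
            # Overlapping LANs: the router cannot tell local from remote hosts.
            if local.overlaps(remote):
                problems.append(f"site {name}: {local} overlaps {remote}")
            # Each selector needs its exact mirror image on the other router.
            if (remote, local) not in peer:
                problems.append(
                    f"site {name}: no mirrored selector on peer for {local} -> {remote}")
    return problems


def is_interesting(policy, src, dst):
    """True if a packet src -> dst matches a selector and is sent into the tunnel."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(s in local and d in remote for local, remote in _nets(policy))


if __name__ == "__main__":
    print(check_policies(HQ_POLICY, BRANCH_POLICY))
    print(is_interesting(HQ_POLICY, "192.168.10.1", "192.168.20.2"))
    print(is_interesting(HQ_POLICY, "192.168.10.1", "203.0.113.5"))
```

Traffic for which `is_interesting` returns False is not protected by the tunnel, so domain controller addresses that fall outside the selectors would replicate over the plain WAN path or not at all.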

purge11
New Member
Posts: 2
Joined: Sun Jul 01, 2012 11:22 am

Re: Site to Site VPN

Fri Jul 06, 2012 5:51 am

Hello,

Thanks for getting back to me. I was told I might as well get a firewall at both sites and use that to configure VPN. I guess the routers can do this, but what worries me is that they might be unreliable and difficult to configure. Can you recommend any?

I've heard of SonicWall and XTM, although they are sort of pricey. May have to go with them if I cannot find anything else.

Anyway, let me know what is the best for S2S VPN.
