VPN over ADSL


objohn
04-20-03, 12:07 PM
Hey all,
I have a lot of knowledge of Win2K server, NT4 etc, and ISDN routing but little about VPNs.
I need to know a little more about VPNs in order to cost a job.
3 offices - 2 in UK, one in Portugal. All have ADSL.
Office 1 UK - File and Print server, Email etc.
Office 2 UK - 2 clients currently using RAS to get email from office 1
Office 2 Portugal - single PC using RAS to get email from server in office 1

Requirements - all PCs to be able to connect to server securely over VPN.

I will put a router in each office (probably Cisco 901 as I know IOS), but my problem is that each ADSL router will be assigned an IP address from DHCP at the provider. Therefore if I set up the VPN to access each site via IP address, if the IP of the router is changed by the provider, the VPN will fail.
Can you set up VPNs based on DNS hostnames, as these are generally more static?

If so, is the best way just to set up port forwarding for PPTP on the Office 1 router to forward to the server?

Thanks for any input.
OJ

YeOldeStonecat
04-20-03, 01:34 PM
You are able to. Not long ago, Cyberskye shot me this link, I was looking for ability of PPPoE to PPPoE which he gave me this link for...the main part of this article is that you can VPN between two dynamic IP sites using dyndns. I was having a problem establishing a VPN tunnel between two PPPoE sites, and level one Sonicwall support said it didn't work. I thought the kid was smoking something, as PPPoE has nothing to do with it. Luckily TWW came through and saved the day for me! Thanks again for all that time TWW!

http://www.icon.de/hersteller/sonicwall/VPNSite2SiteDynIP.pdf

:D

objohn
04-21-03, 06:12 AM
Great document. Thanks.

OJ

twwabw
04-21-03, 09:40 AM
I've never used the Cisco devices, but, in general it's a pain if the main site doesn't have a fixed IP. Remote sites can all be dynamic, and it doesn't matter. The article YOSC posted refers to a new feature in firmware ver. 6.4 for the SonicWalls. Essentially it adds the ability to resolve FQDN for host address, and as you saw, is using dynamic DNS for resolution. I've never had to resort to it, but it should work well.

I can only tell my experience with the SonicWalls, and they have been excellent. Setup is pretty straightforward, and less cryptic than the Cisco command line. It's interesting that Cisco has actually licensed VPN technology from SonicWall in the last year!

objohn
04-21-03, 11:01 AM
I think I am going to investigate asking BT (ADSL provider) for a fixed IP at the host end. I hope they will be able to provide, but if not, then I guess I'll have to resort to other measures.

I've not had any experience with SonicWall, only Cisco. Are the SonicWalls easy to set up and secure?

OIJ

cyberskye
04-21-03, 12:16 PM
are the SonicWalls easy to set up and secure

Amazingly so, considering the power. I run one here at home.

I think that they also have at least one security advantage over Cisco in a basic environment - relative obscurity. IOS is known by crackers and word travels so fast these days...;) Not as configurable as Cisco, for sure.

Skye