Thanks to both of you. I have another question. I have an existing subnet of 10.10.21.0/24, this is where all my workstations/servers reside. I was thinking about putting my VPN server (Windows 2000) on that subnet and setting up the DHCP addresses as 10.10.22.0/24 for the VPN clients. My question is: how would the VPN clients know how to reach the 10.10.21.0/24 subnet? Am I correct in setting this up through my Cisco device or could RAS take care of it? The point of me doing all of this is because I need remote computers to access some shares on one of my servers but at the same time I would like to make sure they don't have access to other boxes on the 10.10.21.0/24 subnet. I am trying to be safe about this thing and I have no idea what could be on these remote computer (spyware/viruses). Maybe there is a way that I can setup one route to that fileserver on my 10.10.21.0/24 subnet and not give them a route anywhere else on that subnet. What am I missing here? Is what I speak of practiced/practical?
-Steven-
I am not sure the issues, but let me try.
1. VPN client doesn't need to logon the domain or to be the member of the domain. However, you do need to logon the domain username with the same password to access the network resources.
2. Assuming you are using windows server as VPN server, you can use IP pool that can be the different subnet.
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
I have recently setup a VPN and I would like to section these users off on
their own subnet. I am going to do this at my router. I was wondering if
the VPN needs to be in my domain in order to function correctly. I know
there are VPN access rules that allow specific windows groups to access but
I was wondering if I could do this on a local machine level (give local
groups rather than domain groups access). Also, is it possible to have a
domain with several subnets? If so, what do I need to look out for in doing
so? TIA.
-Steven-