Q: setup of RRAS Svr2003 - 1 network card and existing router

[M]

Hi,

Looking to install a Svr2003 box on my network to provide me with
external VPN access. Network already consists of a few XP Pro machines
(workgroup) all with internet access via an ADSL Router (wired & wireless).

Most Svr2003 setups put the machine as the router (providing NAT/DHCP
etc), running with twin NICs. I don't really want to do this as it is
another component in the link of providing internet access that can go
wrong, and I am very rarely in the location where the machines are based.

I seem to have read conflicting info about whether the Svr2003 machine
can run on an existing network with a single NIC and provide me with VPN
access to my network. Can anyone explain whether it can be done, and if
there are any disadvantages in a setup like this?

Also, for validating users trying to connect, without running Active
Directory or anything, am I restricted to just asking for a username /
password? Can I restrict based on MAC address at all for example?

Thanks,
M.

 

[Janani [MSFT]]

I seem to have read conflicting info about whether the Svr2003 machine can

run on an existing network with a single NIC and provide me with VPN
access to my network. Can anyone explain whether it can be done, and if
there are any disadvantages in a setup like this?

- You can install RRAS on a machine with a single NIC. Just follow the
'Custom Configuration' path in the RRAS configuration wizard.

Also, for validating users trying to connect, without running Active
Directory or anything, am I restricted to just asking for a username /
password? Can I restrict based on MAC address at all for example?

- Yes. without AD you need to authenticate using local users. Currently
there is not way of restricting access based on MAC address. However you can
use Internet Authentication Service alongwith RRAS to restrict based on
Client IP address.

 

[M]

- You can install RRAS on a machine with a single NIC. Just follow the
'Custom Configuration' path in the RRAS configuration wizard.

Thanks for this. Read about virtual nic's and now it all makes sense.

One more question, have set up a VPN and it connects fine. What is the
process for connecting to server / network resources (e.g. storage)?
- I can connect via RDC ok (after enabling it)
- The only way I found be able to map a drive through VPN on the
client was to share the resource from the server (even though the user I
am connecting as has full machine access)?
- And what about then accessing further network storage - I guess
somehow that this has to be mapped to the user on the server in the
first place?

Thanks,
M