"herba98" <> wrote in message
news:135ad270-af65-48e7-9553-...
> Hi friends, I need to connect 3 office and I wish to use the same
> subnet (192.168.1.x) on every site but define different range of
> available IPs for a rapid identification of each site. Every site (2)
> will connect to the headquarter (1) using a VPN over ADSL... but I'm
> not sure if:
>
> 1) Should I use a DHCP server on headquarter and config relay agent on
> each remote site
>
> 2) Should I config a local DHCP server on each site (all 3) using the
> same subnet and define different "exclusion range" on each server for
> a specifig range per site.
>
> 3) Should I use a different subnet (.1.x, .2.x, .3.x) on each site and
> define a superscope? but all computers can connect to other in a
> different subnet? or will need to config RRAS to define paths?
>
> thanks in advance for your help
>
> HB
1) That depends on how many users at the remote offices. If more than 10,
it's recommended to place a DC/GC/DNS server at that location, as well as
make it a DHCP server. If only one or two users, and they are part of the
domain, then a relay agent would be better off. Keep in mind with a relay
agent, it will require either another server at that location anyway, or use
your VPN/firewall appliance if it supports that feature (some routers call
it an 'IP helper). By the way, those Linksys, Dlinks, etc, are not what you
want for VPN tunnels between locations. Look into the Cisco ASA5505. Nice
units.
2) & 3) You MUST use different subnets for each office. There is no way
possible that you can connect multiple offices if they have identical
subnets. I suggest to pick a subnet that is not in use by home retail
routers, such as 192.168.0.0 or 192.168.1.0. If you do, and you eventually
down the line allow VPN client access and the users at home have an
identical IP subnet, they won't be able to connect. I suggest changing it to
something like:
192.168.100.0/24
192.168.110.0/24
192.168.120.0/24
192.168.130.0/24
etc
Or:
10.10.100.0/24
10.10.110.0/24
10.10.120.0/24
etc
If you eventually allow client VPN access, create a separate subnet for the
client VPN subnet, such as:
10.10.1.200
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.
Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Similar Threads
Linear Mode
