Multi-Site SBS2K3 VPN with inter-site trust ?

Discussion in 'Windows Small Business Server' started by TMS, Jun 26, 2006.

  1. TMS

    TMS Guest

    Howdy,

    Basically we run several SBS sites across the world for a single customer,
    all with differing domains and users.

    We'd love to be able to setup a VPN and have the offices linked together
    (with trust relationships) so as to enable single company wide intranet,
    access to files etc however from what I understand, this won't be possible on
    SBS2K3.

    If anybody has experience in this or can point me to the right
    Documentation/KB regarding getting this working, even if the KB only proves
    that it CAN'T be done, it would be much appreciated.

    TIA,

    TMS.
     
    TMS, Jun 26, 2006
    #1
    1. Advertisements

  2. Hi,

    SBS does not support trusts - thats fact.

    By the sound of things you need to move out of the SBS and into full blown
    server (without restirctions of SBS) the most logical method is to use the
    transition pack to achieve this.

    Which ever way you do go I think you are going to end up shelling out £££'s
    ($$$'s in USA).

    How many users at each site and how many sites are we talking?

    if fairly small amounts then replicating the users and passwords to each
    server (MANUALLY) would in essense give you access to files without the need
    for trusts.

    Will become an administrative nightmare if too many users and also if
    passwords change often!

    TT
     
    TimeTraveller, Jun 26, 2006
    #2
    1. Advertisements

  3. TMS

    Crina Li Guest

    Hi TMS,

    Thank you for posting in SBS newsgroup.

    From the description, I understand the issue to be: you want to create VPN
    between differing SBS domain. If I have misunderstood your concerns, please
    do not hesitate to let me know.

    As I know, the following are some limitations regarding SBS 2003:

    1. Only one computer in a domain can be running Windows Small Business
    Server 2003.
    2. Windows Small Business Server 2003 must be the root of the Active
    Directory forest.
    3. Windows Small Business Server 2003 cannot trust any other domains.
    4. A Windows Small Business Server 2003 domain cannot have any child
    domains.
    5. Each additional computer running Windows Server 2003 must have a Windows
    Small Business Server 2003 client access license (CAL).
    6. A Windows Small Business Server 2003 domain can have no more than 75
    CALs. You can use CALs for each user or for each device.

    For creating VPN, you can refer to the following documents:

    323441 How To Install and Configure a Virtual Private Network Server in
    Windows
    http://support.microsoft.com/?id=323441

    305550 How to configure a VPN connection to your corporate network in
    Windows
    http://support.microsoft.com/?id=305550

    For remote access between two offices, I also provide the following
    documents for your reference:

    Connecting a Remote Office to a Small Business Server 2000 Network
    http://www.microsoft.com/technet/prodtechnol/sbs/2000/maintain/remotofc.mspx

    Note: this article is for SBS 2000 network but it can also apply to SBS
    2003 network.

    888711 Site-to-site VPN in ISA Server 2004
    http://support.microsoft.com/?id=888711

    Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
    Server to Windows 2000 RRAS - Part 1
    http://www.isaserver.org/tutorials/g2gisa2rraspart1.html

    Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
    Server to Windows 2000 RRAS - Part 2
    http://www.isaserver.org/articles/g2gisa2rraspart2.html

    Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
    Server to Branch Office ISA Server/Domain Controller - Part 1
    http://www.isaserver.org/tutorials/gatewaytogatewaywithdc.html

    Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
    Server to Branch Office ISA Server/Domain Controller - Part 2
    http://www.isaserver.org/tutorials/gatewaytogatewaywithdcpart2.html

    Hope it helps.

    I appreciate your time and look forward to hearing from you.

    Best regards,

    Crina Li (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.

    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
    --------------------
    | Thread-Topic: Multi-Site SBS2K3 VPN with inter-site trust ?
    | thread-index: AcaZZOPCQDCWGd8GS6GqNr+EG3Cl6A==
    | X-WBNR-Posting-Host: 196.209.70.162
    | From: =?Utf-8?B?VE1T?= <>
    | Subject: Multi-Site SBS2K3 VPN with inter-site trust ?
    | Date: Mon, 26 Jun 2006 14:10:02 -0700
    | Lines: 17
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
    | Newsgroups: microsoft.public.windows.server.sbs
    | Path: TK2MSFTNGXA01.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:277533
    | NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Howdy,
    |
    | Basically we run several SBS sites across the world for a single
    customer,
    | all with differing domains and users.
    |
    | We'd love to be able to setup a VPN and have the offices linked together
    | (with trust relationships) so as to enable single company wide intranet,
    | access to files etc however from what I understand, this won't be
    possible on
    | SBS2K3.
    |
    | If anybody has experience in this or can point me to the right
    | Documentation/KB regarding getting this working, even if the KB only
    proves
    | that it CAN'T be done, it would be much appreciated.
    |
    | TIA,
    |
    | TMS.
    |
     
    Crina Li, Jun 27, 2006
    #3
  4. TMS

    TMS Guest

    Hi,

    Thanks to all for replying to my post.

    The information included in this one is fantastic, thanks a lot for an
    extremely thorough and well done reply.

    Awesome !
     
    TMS, Jun 27, 2006
    #4
  5. TMS

    Crina Li Guest

    Hi TMS,

    Thanks for your update.

    I am glad to hear the problem is resolved.

    It is my pleasure to work with you in this post. If you encounter any
    difficulties in the future, please submit the post to the newsgroup. We
    are glad to be of the assistance.

    Again, thank you for using Microsoft newsgroup. Have a nice day. :)

    Best regards,

    Crina Li (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.

    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
    --------------------
    | Thread-Topic: Multi-Site SBS2K3 VPN with inter-site trust ?
    | thread-index: AcaZtDzXVmLOYKv3Sq+0ZpY5a8Magg==
    | X-WBNR-Posting-Host: 196.209.71.246
    | From: =?Utf-8?B?VE1T?= <>
    | References: <>
    <>
    | Subject: RE: Multi-Site SBS2K3 VPN with inter-site trust ?
    | Date: Mon, 26 Jun 2006 23:38:02 -0700
    | Lines: 10
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
    | Newsgroups: microsoft.public.windows.server.sbs
    | Path: TK2MSFTNGXA01.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:277626
    | NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Hi,
    |
    | Thanks to all for replying to my post.
    |
    | The information included in this one is fantastic, thanks a lot for an
    | extremely thorough and well done reply.
    |
    | Awesome !
    |
    |
    |
     
    Crina Li, Jun 27, 2006
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.