Router-to-router with hardware

Discussion in 'Windows Server' started by David, Aug 30, 2005.

  1. David

    David Guest

    Hi,


    We are a small company (6 users) and we have a PBX here that can do VoIP. My
    boss would like to be able to work from home and have incoming calls
    transferred to an IP phone next to him.

    At my home I have a test server running Windows 2003 SP1. Using RRAS (pptp)
    I created between mine and the company's server a demand dial connection.
    Once I hooked up the IP phones to my server I could do anything like I could
    when connected directly to the PBX.
    My boss however doesn't have a server running at his home, and he doesn't
    plan on installing one there. He has a simple Dlink WiFi router. Now I was
    wondering if there are any cheap (dlink, linksys,...) routers out there that
    can both initiate & terminate incoming/outgoing router-to-router VPN's
    from/to RRAS. I looked on both manufacturer's website but didn't find one
    that could do both at the same time.
    Since we have a sonicwall sitting between our LAN & the ISP's router I
    thought I could configure an IPSec R2R VPN (using the same type at his home)
    there. However I couldn't get it to work. I could get it to work when I
    plugged the ISP's network cable directly in our company's sonicwall (so it
    got a public IP, not one in the DMZ). I read something that said IPSec can't
    traverse NAT and thats probably why it didn't work when the sonicwall was
    sitting in the DMZ. Unfortunately connecting the sonicwall directly to the
    internet is not an acceptable permanent solution, we need a DMZ.

    If possible I would like to be able to connect his IP phone using a XO cable
    to his LAN port, and have his laptop connect using WiFi. If not, we would
    need to move the router closer because of cable length.


    regards,

    David
     
    David, Aug 30, 2005
    #1
    1. Advertisements

  2. Patrick Kremer, Aug 30, 2005
    #2
    1. Advertisements

  3. David

    David Guest

    David, Aug 31, 2005
    #3
  4. Your DMZ is part of the problem. The VPN, I'm guessing, is only connecting
    to the DMZ and not the LAN, so the incomming "VPN Call" is dialing into the
    DMZ and the user is becoming part of the DMZ instead of becoming part of the
    LAN.

    Two things....

    1. The 192.168.0.x "router" need to be capable of "VPN-Passthorugh" (some
    aren't) so that the VPN Call is passed back to the SonicWall so that the
    Sonic wall can "answer the call". This causes the user to dial into and
    become part of the LAN instead of the DMZ.

    2. The WiFi Device must be capable of creating a Router-to-Router VPN (aka
    Site-to-site VPN),...if it cannot, then it just simply is not suitable for
    what you want to do. You can not make things do things that they weren't
    designed to do. I am assuming that the Sonicwall is already capable.


    --
    Phillip Windell [MCP, MVP, CCNA]
    www.wandtv.com
    -----------------------------------------------------
    Understanding the ISA 2004 Access Rule Processing
    http://www.isaserver.org/articles/ISA2004_AccessRules.html

    Microsoft Internet Security & Acceleration Server: Guidance
    http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
    http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

    Microsoft Internet Security & Acceleration Server: Partners
    http://www.microsoft.com/isaserver/partners/default.asp
     
    Phillip Windell, Aug 31, 2005
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.