Friday, August 22, 2008

VPN and SBS 2003

Hello folks - I am the author of the Windows Small Buisness Server 2003 Best Practices book (ye olde purple book) and I am posting up a few pages per day because (1) I own the copyright and (2) I like helping folks!

Today we are deep into Chapter 8 discussing mobility and remote access. The topic is Virtual Private Networks (VPN) in SBS 2003.

BTW - I will keep postung up unitl SBS 2008 ships!


Harry Brelsford

CEO at SMB Nation |

Microsoft Small Business Specialist (SBSC), MBA, MCSE, CNE, MCP, MCT, CLSE and CNP - man - I am tired from earning those titles!

ps - we are hosting the SBS 2008 and Essential Business Server EBS launch party in Seattle at our fall conference in early October...see ya there!


VPN Connectivity

Building on the high-level VPN discussion we had in Chapter 5, this section is gonna do the step-by-step thing to have Norm Hasborn VPN in from his trusty HP Evo N800c laptop.

BEST PRACTICE: If you have run the Remote Access Wizard, you can then run the Connect My Remote Computer to the Network link in RWW to install Connection Manager on the mobile laptop or home computer. Here is the key point. Connection Manager automates the process of establishing a VPN connection to the SBS

Visit for the latest updates for any Microsoft product.

2003 network. Connection Manager can be used across any type of connection (such as dial-up modem).

Connection Manager can be installed three ways:

• Add User Wizard/Setup Computer Wizard: You can specify that Con­nection Manager should be installed for a user on a machine. Revert to discussion in the latter part of Chapter 4 to refresh your memory on this. This approach will place a shortcut on the client computer desktop to run Connection Manager and initiate the VPN session.

• Connection Manager diskette. Yes, diskettes still exist in SBS 2003! This diskette can be created and given to an employee to take home to easily set up the VPN connection to the SBS 2003 network. Create the Connection Manager diskette from the Create Remote Connection Disk link on the Manage Client Computers page under Standard Manage­ment in the Server Management Console.

• RWW: Pick Download Connection Manager from RWW, which is what we’ll do in the following procedure.

BEST PRACTICE: Connection Manager will only work with a FQDN that you’ve registered as a resource record with your ISP to point to the wild-side NIC card on the SBS 2003 server machine. If you want to use the wild-side IP address, you’ll have to configure the connection manually.

VPN Step-by-Step Procedure

Time to have Norm VPN into SPRINGERS!

1 Log on locally as NormH using the password Purple3300 on his laptop, NormLap.

2 Click Start, Internet to launch Internet Explorer.

3 Type in the Address field.

4 Respond affirmatively to the security alerts (OK, Yes)

5. On the RWW logon screen, log on as NormH with the password Purple3300. But if you want to avoid the message in Figure 8-30, then deselect the I’m using a public or shared computer checkbox.

Figure 8-30

Microsoft will not allow Connection Manager to run on a public or shared computer.

6. Select Download Connection Manager. Click OK after reading the warning that you should ensure all users have strong passwords after you install Connection Manager.

7. Click Open on the File Download dialog box to open Connection Manager (sbspackage.exe).

8. Click Yes when asked if you want to install the connection to SBS 2003 in the Connect to Small Business Server dialog box. The installation process commences.

9. On the desktop, double-click on the Shortcut to Connect to Small Business Server.

10. Complete the Connect to Small Business Server logon box, as seen in Figure 8-31. Type NormH in the User name field, and Purple3300 in the Password field. Click Connect. Your computer will be regis­tered on the SBS network.


Visit for the latest updates for any Microsoft product.

Figure 8-31

Simple stuff, Maynard! Connecting via the Connection Manager approach shields users from having to manually configure the VPN stuff on their computer.

You have now established a VPN connection to the corporate network and the client computer acts as a “node” on the LAN at this point. The visual evidence of this will be a green dancing computer (connection icon) in the lower right corner of the screen. VPN connections are often appropriate to access network resources from afar and run business databases (where you truly need to be a network node).

1 comment:

alex smith said...

Either way, assuming it works, it's great to have a free vpn solution out there that can encrypt data while surfing WiFi.