Step 2: Server placement

News

Step 2: Server placement

Now that I have described the required servers, I want to take a moment to discuss the ways that the servers will connect to your network.

The certificate authority and the IAS server will connect to your wired network in the same way that you would attach any other server. Just make sure that you don't make these servers domain controllers.

The VPN server will be a member of your domain and one of the VPN server's NICs will attach to your wired network. As I mentioned earlier, the VPN server's other NIC will connect to your wireless network. There is just one catch though: It is a huge security risk to attach the VPN server directly to the wireless network. You need to have a firewall in front of the VPN server. Many wireless access points have a built-in firewall that you can use. If your access point doesn't have a built-in firewall, then you could use Microsoft's ISA Server or a hardware-based firewall. You can see a sample diagram in Figure A.


This is how the servers should be placed on your network.


How to create a VPN for your wireless network

 Home: Introduction
 Step 1: Server requirements
 Step 2: Server placement
 Step 3: Setting up the certificate authority
 Step 4: Configuring the authentication server
 Step 5: Configuring the VPN server
 Step 6: Configuring wireless clients

ABOUT THE AUTHOR:
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com.
Copyright 2005 TechTarget

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy